Bug 2029504

Summary: kube-apiserver audit logs show a lot of 404 errors for DELETE "*/secrets/encryption-config" on single node clusters
Product: OpenShift Container Platform Reporter: Damien Grisonnet <dgrisonn>
Component: openshift-apiserverAssignee: Damien Grisonnet <dgrisonn>
Status: CLOSED ERRATA QA Contact: Rahul Gangwar <rgangwar>
Severity: low Docs Contact:
Priority: low    
Version: 4.9CC: aos-bugs, dgrisonn, kewang, mfojtik, otuchfel, xxia
Target Milestone: ---   
Target Release: 4.9.z   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: LifecycleReset
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1982726 Environment:
Last Closed: 2022-02-10 06:33:21 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1982726    
Bug Blocks:    

Comment 4 Rahul Gangwar 2022-01-31 06:06:57 UTC 
 oc get clusterversion
NAME      VERSION                             AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.9.0-0.nightly-2022-01-28-192738   True        False         14m     Cluster version is 4.9.0-0.nightly-2022-01-28-192738

oc get node
NAME                                                    STATUS   ROLES           AGE   VERSION
rgangwar-31de8-mlsmr-master-0.c.openshift-qe.internal   Ready    master,worker   27m   v1.22.3+2cb6068
rahulgangwar@rgangwar-mac openshift-tests-private % oc debug node/rgangwar-31de8-mlsmr-master-0.c.openshift-qe.internal
Starting pod/rgangwar-31de8-mlsmr-master-0copenshift-qeinternal-debug ...
To use host binaries, run `chroot /host`
Pod IP: 10.0.0.3
If you don't see a command prompt, try pressing enter.
sh-4.4# chroot /host
sh-4.4# cd /var/log/kube-apiserver
sh-4.4# sudo cat *audit-*.log | jq 'select(.responseStatus.code >= 400) | select(.requestURI | test("encryption"))'|wc -l 
1015
sh-4.4# sudo cat *audit-*.log | jq 'select(.responseStatus.code >= 400) | select(.requestURI | test("encryption"))'>enc  
sh-4.4# grep '"code": 404' enc | wc -l
13

Got less 404 errors than before, based this result, move the bug VERIFIED.
Comment 7 errata-xmlrpc 2022-02-10 06:33:21 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.9.19 bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2022:0340