Bug 2102242

Summary: [4.10] openshift-cluster-storage-operator prometheus rbac is missing on IBM Cloud
Product: OpenShift Container Platform Reporter: John McMeeking <jmcmeek>
Component: StorageAssignee: Jonathan Dobson <jdobson>
Storage sub component: Operators QA Contact: Wei Duan <wduan>
Status: CLOSED ERRATA Docs Contact:
Severity: medium    
Priority: medium CC: chaoyang, jdobson
Version: 4.7   
Target Milestone: ---   
Target Release: 4.10.z   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2022-07-11 15:27:55 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2102438    
Bug Blocks: 2102760    

Description John McMeeking 2022-06-29 14:05:12 UTC 
Description of problem:

Please cherry-pick https://github.com/openshift/cluster-storage-operator/pull/267 to active releases (4.7 to 4.10). We (IBM) have some customer reports of this on the Red Hat OpenShift on IBM Cloud offering.


Version-Release number of selected component (if applicable):

4.7 through 4.10

How reproducible:

Always

Steps to Reproduce:
1. Deploy an 4.7 through 4.10 cluster in the Red Hat OpenShift on IBM Cloud service.
2. list roles and and rolebindings in the openshift-cluster-storage-operator namespace
3.

Actual results:

No prometheus role or rolebinding is listed.


Expected results:

prometheus role and rolebinding are listed


Master Log:

Node Log (of failed PODs):

PV Dump:

PVC Dump:

StorageClass Dump (if StorageClass used by PV/PVC):

Additional info:
Comment 1 John McMeeking 2022-06-29 14:10:50 UTC 
Is something similar required in 4.6?  I didn't see the manifest in release-4.6.
Comment 2 Jonathan Dobson 2022-06-29 22:32:24 UTC 
(In reply to John McMeeking from comment #1)
> Is something similar required in 4.6?  I didn't see the manifest in
> release-4.6.

This manifest didn't exist until bug 1904578 added it in 4.7, I don't think it makes sense to backport to 4.6.
Comment 4 Chao Yang 2022-07-01 10:14:03 UTC 
4.10.0-0.nightly-2022-07-01-003553

oc get roles/prometheus -o json | jq .metadata.annotations
{
  "include.release.openshift.io/ibm-cloud-managed": "true",
  "include.release.openshift.io/self-managed-high-availability": "true",
  "includ
e.release.openshift.io/single-node-developer": "true"
}

oc get rolebindings/prometheus -o json | jq .metadata.annotations
{
  "include.release.openshift.io/ibm-cloud-managed": "true",
  "include.release.openshift.io/self-managed-high-availability": "true",
  "include.release.openshift.io/single-node-developer": "true"
}

oc -n openshift-monitoring exec -c prometheus prometheus-k8s-0 -- curl -k -H "Authorization: Bearer $token" 'https://prometheus-k8s.openshift-monitoring.svc:9091/api/v1/query?query=kube_persistentvolume_info' | jq
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   401    0   401    0     0  21105      0 --:--:-- --:--:-- --:--:-- 21105
{
  "status": "success",
  "data": {
    "resultType": "vector",
    "result": [
      {
        "metric": {
          "__name__": "kube_persistentvolume_info",
          "container": "kube-rbac-proxy-main",
          "endpoint": "https-main",
          "job": "kube-state-metrics",
          "namespace": "openshift-monitoring",
          "persistentvolume": "pvc-23807fc2-d227-423c-b63d-f061fe456817",
          "service": "kube-state-metrics",
          "storageclass": "ibmc-vpc-block-10iops-tier"
        },
        "value": [
          1656665366.21,
          "1"
        ]
      }
    ]
  }
}
Comment 7 errata-xmlrpc 2022-07-11 15:27:55 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.10.22 bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2022:5513