Bug 2142902
Summary: | Disable Liveness container in csi pods | ||
---|---|---|---|
Product: | [Red Hat Storage] Red Hat OpenShift Data Foundation | Reporter: | Madhu Rajanna <mrajanna> |
Component: | rook | Assignee: | Madhu Rajanna <mrajanna> |
Status: | CLOSED ERRATA | QA Contact: | Daniel Osypenko <dosypenk> |
Severity: | high | Docs Contact: | |
Priority: | unspecified | ||
Version: | 4.10 | CC: | kbg, kramdoss, muagarwa, nberry, ocs-bugs, odf-bz-bot, rcyriac, sheggodu, tnielsen |
Target Milestone: | --- | ||
Target Release: | ODF 4.10.10 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | 4.10.10-1 | Doc Type: | Bug Fix |
Doc Text: |
Previously, services running without the TLS was problematic if security was the main concern for the customers. This was because a Liveness sidecar container deployed with the CSI pods to check if CSI dirver is responding appropriately or not, was running without TLS.
With this fix, Liveness container in all Ceph CSI pods are disabled and as a result, no service is running in Ceph CSI pods without TLS, and one less container in Ceph CSI pods.
|
Story Points: | --- |
Clone Of: | 2142901 | Environment: | |
Last Closed: | 2023-02-20 15:40:44 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 2142901 | ||
Bug Blocks: |
Description
Madhu Rajanna
2022-11-15 12:44:45 UTC
https://github.com/red-hat-storage/rook/pull/429 is already backported to 4.10 verified that container 'liveness-prometheus' is not running on any csi pod OC version: Client Version: 4.12.0-202208031327 Kustomize Version: v4.5.4 Server Version: 4.11.0-0.nightly-2023-01-07-041900 Kubernetes Version: v1.24.6+5658434 OCS verison: ocs-operator.v4.11.4 OpenShift Container Storage 4.11.4 ocs-operator.v4.11.3 Succeeded Cluster version NAME VERSION AVAILABLE PROGRESSING SINCE STATUS version 4.11.0-0.nightly-2023-01-07-041900 True False 9h Cluster version is 4.11.0-0.nightly-2023-01-07-041900 Rook version: rook: v4.11.4-0.96e324244ec878d70194179a2892ec7193f6b591 go: go1.17.12 Ceph version: ceph version 16.2.8-84.el8cp (c2980f2fd700e979d41b4bad2939bb90f0fe435c) pacific (stable) Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Red Hat OpenShift Data Foundation 4.10.10 Bug Fix Update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2023:0827 |