Bug 2150752

Summary: ocs_advanced_usage metric is 0 even when storageclass/PV encryption is enabled
Product: [Red Hat Storage] Red Hat OpenShift Data Foundation Reporter: Rachael <rgeorge>
Component: ocs-operatorAssignee: umanga <uchapaga>
Status: CLOSED ERRATA QA Contact: Parag Kamble <pakamble>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 4.12CC: ebenahar, kramdoss, muagarwa, odf-bz-bot, sostapov, uchapaga
Target Milestone: ---   
Target Release: ODF 4.14.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: 4.14.0-115 Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of:
: 2233023 2233025 (view as bug list) Environment:
Last Closed: 2023-11-08 18:49:51 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2233023, 2233025    

Description Rachael 2022-12-05 08:36:29 UTC 
Description of problem (please be detailed as possible and provide log
snippets):

When storageclass or PV encryption is enabled on a cluster post deployment, the ocs_advanced_feature_usage_metric does not update it's value to 1. It does not detect the use of PV encryption, unless it is enabled during deployment.


The following logs were observed in the ocs-metrics-exporter pod:

W1205 08:27:51.092918       1 reflector.go:324] /remote-source/app/metrics/internal/collectors/cluster-advance-feature-use.go:166: failed to list *v1.StorageClass: forbidden: User "system:serviceaccount:openshift-storage:ocs-metrics-exporter" cannot get path "/storageclasses"
E1205 08:27:51.092960       1 reflector.go:138] /remote-source/app/metrics/internal/collectors/cluster-advance-feature-use.go:166: Failed to watch *v1.StorageClass: failed to list *v1.StorageClass: forbidden: User "system:serviceaccount:openshift-storage:ocs-metrics-exporter" cannot get path "/storageclasses"


Version of all relevant components (if applicable):
---------------------------------------------------
OCP: 4.12.0-0.nightly-2022-12-04-160656
ODF: odf-operator.v4.12.0-122.stable


Does this issue impact your ability to continue to work with the product
(please explain in detail what is the user impact)?
No


Is there any workaround available to the best of your knowledge?
N/A


Rate from 1 - 5 the complexity of the scenario you performed that caused this
bug (1 - very simple, 5 - very complex)?
2

Can this issue reproducible?
Yes

Can this issue reproduce from the UI?
Yes

If this is a regression, please provide more details to justify this:
No

Steps to Reproduce:
-------------------
1. Deploy an ODF 4.12 cluster without enabling encryption during deployment
2. After deployment, create an encryption enabled storageclass
3. Check the ocs_advanced_feature_usage metric from the UI by navigating to Observe -> Metrics
4. Check the Value parameter


Actual results:
---------------
The Value is 0


Expected results:
-----------------
Since, PV encryption is an advanced feature, the value should be 1
Comment 10 arun kumar mohan 2023-04-21 13:28:16 UTC 
We already had this PR: https://github.com/red-hat-storage/ocs-operator/pull/1826 , which was supposed to fix the issue.
As StorageClass is a cluster wide resource (and not a namespace constrained resource), may have to take a different approach.
Taking a look
Comment 11 arun kumar mohan 2023-04-27 17:04:37 UTC 
Umanga has created a PR for this: https://github.com/red-hat-storage/ocs-operator/pull/2032
This is now backported to 4.13 branch as well: https://github.com/red-hat-storage/ocs-operator/pull/2033
Comment 17 Shay Rozen 2023-05-30 08:35:49 UTC 
Added an encrypted storageclass checked the metric and it still 0. Moving to assigned.
Comment 18 Mudit Agarwal 2023-05-30 10:58:24 UTC 
Not a blocker for 4.13
Comment 25 Elad 2023-11-06 21:27:38 UTC 
When PV encryption storage class exists, ocs_advanced_feature_usage metric's value is set to 1.
Tested with:
ODF 4.14.0-161
OCP 4.14.0-0.nightly-2023-11-05-194730

===================================================================


Storage class:

kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: storageclass-test-rbd-bc233ca580c64361aa
  uid: 82bf856a-d383-4b05-9700-c4251aefd09e
  resourceVersion: '239098'
  creationTimestamp: '2023-11-06T21:25:15Z'
  managedFields:
    - manager: kubectl-create
      operation: Update
      apiVersion: storage.k8s.io/v1
      time: '2023-11-06T21:25:15Z'
      fieldsType: FieldsV1
      fieldsV1:
        'f:allowVolumeExpansion': {}
        'f:parameters':
          'f:csi.storage.k8s.io/controller-expand-secret-name': {}
          'f:clusterID': {}
          'f:imageFeatures': {}
          'f:csi.storage.k8s.io/controller-expand-secret-namespace': {}
          .: {}
          'f:csi.storage.k8s.io/provisioner-secret-namespace': {}
          'f:pool': {}
          'f:encrypted': {}
          'f:csi.storage.k8s.io/node-stage-secret-name': {}
          'f:csi.storage.k8s.io/node-stage-secret-namespace': {}
          'f:encryptionKMSID': {}
          'f:csi.storage.k8s.io/provisioner-secret-name': {}
          'f:imageFormat': {}
        'f:provisioner': {}
        'f:reclaimPolicy': {}
        'f:volumeBindingMode': {}
provisioner: openshift-storage.rbd.csi.ceph.com
parameters:
  csi.storage.k8s.io/provisioner-secret-namespace: openshift-storage
  encrypted: 'true'
  csi.storage.k8s.io/provisioner-secret-name: secret-test-rbd-ca5e8fb37b00464ca4397925
  csi.storage.k8s.io/node-stage-secret-name: secret-test-rbd-ca5e8fb37b00464ca4397925
  encryptionKMSID: vault-test-4ad7372ca055403a959db023b38be
  csi.storage.k8s.io/controller-expand-secret-name: secret-test-rbd-ca5e8fb37b00464ca4397925
  imageFormat: '2'
  clusterID: openshift-storage
  imageFeatures: layering
  csi.storage.k8s.io/controller-expand-secret-namespace: openshift-storage
  pool: ocs-storagecluster-cephblockpool
  csi.storage.k8s.io/node-stage-secret-namespace: openshift-storage
reclaimPolicy: Delete
allowVolumeExpansion: true
volumeBindingMode: Immediate





ocs_advanced_usage Metric:
	
Name
container
endpoint
instance
job
managedBy
namespace
pod
prometheus
service
Value
ocs_advanced_feature_usage	ocs-metrics-exporter	metrics	10.128.2.22:8080	ocs-metrics-exporter	ocs-storagecluster	openshift-storage	ocs-metrics-exporter-65c7d9bbbb-kgr67	openshift-monitoring/k8s	ocs-metrics-exporter	1
Comment 27 errata-xmlrpc 2023-11-08 18:49:51 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Important: Red Hat OpenShift Data Foundation 4.14.0 security, enhancement & bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2023:6832