Bug 1303114 - Metrics Deployer has the HAWKULAR_METRICS_HOSTNAME hardcoded
Summary: Metrics Deployer has the HAWKULAR_METRICS_HOSTNAME hardcoded
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Hawkular
Version: 3.1.0
Hardware: Unspecified
OS: Unspecified
unspecified
urgent
Target Milestone: ---
: ---
Assignee: Matt Wringe
QA Contact: chunchen
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-01-29 15:21 UTC by Eric Jones
Modified: 2019-10-10 11:03 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
OpenShift Enterprise 3.1
Last Closed: 2016-01-29 16:47:26 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description Eric Jones 2016-01-29 15:21:35 UTC 
Description of problem:
Cannot properly deploy the Hawkular/Heapster metrics for OSE because the hawkular metrics hostname is always forced to be https://hawkular-metrics:443.....

How reproducible:
100%

Step s to Reproduce:
1. oc create -f - <<API
apiVersion: v1
kind: ServiceAccount
metadata:
  name: metrics-deployer
secrets:
- name: metrics-deployer
API
2. oadm policy add-role-to-user edit system:serviceaccount:openshift-infra:metrics-deployer
3. oadm policy add-cluster-role-to-user cluster-reader system:serviceaccount:openshift-infra:heapster
4. oc secrets new metrics-deployer \
  hawkular-metrics.pem=<(cat /root/xpaas-certs/xpaas.xyz.ssl/xpaas.xyz.key /root/xpaas-certs/STAR_xpaas_xyz.crt) \
  hawkular-metrics-ca.cert=/root/xpaas-certs/STAR_xpaas_xyz.ca-bundle \
  hawkular-cassandra.pem=<(cat /root/xpaas-certs/xpaas.xyz.ssl/xpaas.xyz.key /root/xpaas-certs/STAR_xpaas_xyz.crt) \
  hawkular-cassandra-ca.cert=/root/xpaas-certs/STAR_xpaas_xyz.ca-bundle \
  heapster.cert=/root/xpaas-certs/STAR_xpaas_xyz.crt \
  heapster.key=/root/xpaas-certs/xpaas.xyz.ssl/xpaas.xyz.key
5. oc process -f /usr/share/ansible/openshift-ansible/roles/openshift_examples/files/examples/v1.1/infrastructure-templates/enterprise/metrics-deployer.yaml -v HAWKULAR_METRICS_HOSTNAME=metrics.xpaas.xyz,IMAGE_PREFIX=registry.access.redhat.com/openshift3/,IMAGE_VERSION=latest,USE_PERSISTENT_STORAGE=false,REDEPLOY=true | oc create -f -

Actual results:
--sink=hawkular:https://hawkular-metrics:443?tenant=_system&labelToTenant=pod_namespace&caCert=/hawkular-cert/hawkular-metrics-ca.certificate&user=%username%&pass=%password%&filter=label(container_name:^/system.slice.*|^/user.slice)

Expected results:
--sink=hawkular:https://metrics.xpaas.xyz:443?tenant=_system&labelToTenant=pod_namespace&caCert=/hawkular-cert/hawkular-metrics-ca.certificate&user=%username%&pass=%password%&filter=label(container_name:^/system.slice.*|^/user.slice)

Additional info:
Comment 1 Matt Wringe 2016-01-29 16:38:35 UTC 
The 'hawkular-metrics' hostname comes from the service name which is resolved by the OpenShift DNS. This is the internal hostname used by the system. This hostname should always be resolvable within the OpenShift cluster and is the reason why the Heapster sink uses it. This is the expected behaviour.

The `HAWKULAR_METRICS_HOSTNAME` is for setting the external hostname which is used by things like the console so that access can be achieved from outside of the OpenShift cluster.

From https://docs.openshift.com/enterprise/3.1/install_config/cluster_metrics.html#creating-the-deployer-template the description for the HAWKULAR_METRICS_HOSTNAME is

"External hostname where clients will reach Hawkular Metrics"

Please also see the section on creating the hawkular-metrics.pem secrets https://docs.openshift.com/enterprise/3.1/install_config/cluster_metrics.html#metrics-deployer-secrets

"The pem file to use for the Hawkular Metrics certificate. This certificate must contain the hawkular-metrics host name as well as the publicly available host name used by the route. This file is auto-generated if unspecified."
Note You need to log in before you can comment on or make changes to this bug.