Description of problem: In the thanos-querier pod the oauth-proxy container generate unnecessary logs: 2020/09/17 09:04:51 oauthproxy.go:774: basicauth: 10.129.0.38:39616 Authorization header does not start with 'Basic', skipping basic authentication 2020/09/17 09:04:52 oauthproxy.go:774: basicauth: 10.129.0.38:39616 Authorization header does not start with 'Basic', skipping basic authentication 2020/09/17 09:04:52 oauthproxy.go:774: basicauth: 10.129.0.38:39616 Authorization header does not start with 'Basic', skipping basic authentication Version-Release number of selected component (if applicable): RHOCP 4.5 How reproducible: All Our QuickLab and AWS cluster. Steps to Reproduce: 1. Install New RHOCP 4.5 Cluster in any platform and .Check the oauth-proxy container log of thanos-querier 2. oc logs -f thanos-querier-xxxxxx -c oauth-proxy Actual results: ~~~~ 2020/09/17 09:04:51 oauthproxy.go:774: basicauth: 10.129.0.38:39616 Authorization header does not start with 'Basic', skipping basic authentication 2020/09/17 09:04:52 oauthproxy.go:774: basicauth: 10.129.0.38:39616 Authorization header does not start with 'Basic', skipping basic authentication 2020/09/17 09:04:52 oauthproxy.go:774: basicauth: 10.129.0.38:39616 Authorization header does not start with 'Basic', skipping basic authentication ~~~~ Expected results: We don't expect the above message. Additional info: Notice the src IP(10.129.0.38) of the POD is etcd-operator-xxx,console -xxx and reporting-operator-xxxx.
Reassigning to oauth-proxy component and lowering severity as this does not have impact on functionality.
Same message in promethus proxy logs. oc logs prometheus-k8s-0 -c prometheus-proxy 2020/09/23 04:55:33 oauthproxy.go:774: basicauth: 10.128.2.44:44550 Authorization header does not start with 'Basic', skipping basic authentication 2020/09/23 05:00:04 oauthproxy.go:774: basicauth: 10.128.2.44:48430 Authorization header does not start with 'Basic', skipping basic authentication 2020/09/23 05:04:37 oauthproxy.go:774: basicauth: 10.128.2.44:52342 Authorization header does not start with 'Basic', skipping basic authentication 2020/09/23 05:09:08 oauthproxy.go:774: basicauth: 10.128.2.44:56244 Authorization header does not start with 'Basic', skipping basic authentication 2020/09/23 05:13:39 oauthproxy.go:774: basicauth: 10.128.2.44:60132 Authorization header does not start with 'Basic', skipping basic authentication 2020/09/23 05:18:11 oauthproxy.go:774: basicauth: 10.128.2.44:35782 Authorization header does not start with 'Basic', skipping basic authentication 2020/09/23 05:22:43 oauthproxy.go:774: basicauth: 10.128.2.44:39660 Authorization header does not start with 'Basic', skipping basic authentication 2020/09/23 05:27:14 oauthproxy.go:774: basicauth: 10.128.2.44:43536 Authorization header does not start with 'Basic', skipping basic authentication 2020/09/23 05:31:45 oauthproxy.go:774: basicauth: 10.128.2.44:47404 Authorization header does not start with 'Basic', skipping basic authentication 2020/09/23 05:36:16 oauthproxy.go:774: basicauth: 10.128.2.44:51300 Authorization header does not start with 'Basic', skipping basic authentication 2020/09/23 05:40:48 oauthproxy.go:774: basicauth: 10.128.2.44:55190 Authorization header does not start with 'Basic', skipping basic authentication 2020/09/23 05:45:19 oauthproxy.go:774: basicauth: 10.128.2.44:59070 Authorization header does not start with 'Basic', skipping basic authentication 2020/09/23 05:49:50 oauthproxy.go:774: basicauth: 10.128.2.44:34722 Authorization header does not start with 'Basic', skipping basic authentication 2020/09/23 05:54:21 oauthproxy.go:774: basicauth: 10.128.2.44:38588 Authorization header does not start with 'Basic', skipping basic authentication 2020/09/23 05:58:53 oauthproxy.go:774: basicauth: 10.128.2.44:42478 Authorization header does not start with 'Basic', skipping basic authentication 2020/09/23 06:03:24 oauthproxy.go:774: basicauth: 10.128.2.44:46356 Authorization header does not start with 'Basic', skipping basic authentication 2020/09/23 06:07:56 oauthproxy.go:774: basicauth: 10.128.2.44:50256 Authorization header does not start with 'Basic', skipping basic authentication 2020/09/23 06:12:27 oauthproxy.go:774: basicauth: 10.128.2.44:54148 Authorization header does not start with 'Basic', skipping basic authentication 2020/09/23 06:16:59 oauthproxy.go:774: basicauth: 10.128.2.44:58034 Authorization header does not start with 'Basic', skipping basic authentication 2020/09/23 06:21:31 oauthproxy.go:774: basicauth: 10.128.2.44:33702 Authorization header does not start with 'Basic', skipping basic authentication 2020/09/23 06:26:03 oauthproxy.go:774: basicauth: 10.128.2.44:37596 Authorization header does not start with 'Basic', skipping basic authentication
Can you please tell whether there are plans to clone this BZ for OCP 4.5 / 4.6? Thanks
There's no shame in asking that publicly -> moving the comment to public. Yes, I think it's reasonable to do that, I cloned the BZ to those two previous versions and created the backport pull requests.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:5633