1913802 – Unable to create 'app' index pattern in OpenShift Logging 4.5 when permissions are granted via group

Bug 1913802 - Unable to create 'app' index pattern in OpenShift Logging 4.5 when permissions are granted via group

Summary: Unable to create 'app' index pattern in OpenShift Logging 4.5 when permission...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Logging
Sub Component:
Version:	4.5
Hardware:	x86_64
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Target Release:	4.5.z
Assignee:	Lukas Vlcek
QA Contact:	Anping Li
Docs Contact:
URL:
Whiteboard:	logging-exploration
Depends On:	1913801
Blocks:
TreeView+	depends on / blocked

Reported:	2021-01-07 16:16 UTC by OpenShift BugZilla Robot
Modified:	2024-06-13 23:51 UTC (History)
CC List:	15 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2021-02-09 13:25:23 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Github	openshift elasticsearch-proxy pull 71	None	closed	Bug 1913802: Quote individual project names in proxy header	2021-02-16 10:25:30 UTC
Github	openshift origin-aggregated-logging pull 2041	None	closed	[release-4.5] Bug 1913802: Replace DLS rule script with more performant terms filter	2021-02-16 10:25:29 UTC
Red Hat Product Errata	RHBA-2021:0315	None	None	None	2021-02-09 13:25:30 UTC

Comment 5 Anping Li 2021-02-03 16:24:06 UTC

The group user can see the app index in kibana on elasticsearch-operator.4.5.0-202102030632.p0.  
No openshift proejct: 151
Active app: 1
ES: resource
  logStore:
    elasticsearch:
      nodeCount: 3
      redundancyPolicy: SingleRedundancy
      resources:
        limits:
          cpu: 1
          memory: 4Gi
        requests:
          cpu: 1
          memory: 4Gi
      storage:
        size: 200G
        storageClassName: gp2


I hit resouce limitaton in testing. the fluend cann't send some logs to ES before I reduce the ES Memory from 8Gi to 4Gi. I will verify this again on a larger cluster.
2021-02-03 15:56:28 +0000 [warn]: [clo_default_output_es] failed to flush the buffer. retry_time=7 next_retry_seconds=2021-02-03 15:57:35 +0000 chunk="5ba709e712fcc043e6d839acf0061e3f" error_class=Fluent::Plugin::ElasticsearchOutput::RecoverableRequestFailure error="could not push logs to Elasticsearch cluster ({:host=>\"elasticsearch.openshift-logging.svc.cluster.local\", :port=>9200, :scheme=>\"https\", :user=>\"fluentd\", :password=>\"obfuscated\"}): [500] {\"code\":500,\"message\":\"Internal Error\",\"error\":{}}\n"
  2021-02-03 15:56:28 +0000 [warn]: suppressed same stacktrace

Comment 6 Anping Li 2021-02-04 11:34:11 UTC

The problem was reproduced elasticsearch-operator.4.5.0-202101230744.p0 in cluster below. and verified on using elasticsearch-operator.4.5.0-202102031005.p0 
Cluster Info:
AWS Clusters
Master: 3* M3.xlarge
Worker: 4* M4.X4Large 
ES: nodeCount: 3
Elasticsearch: "cpu": "1","memory": "16Gi"
Proxy: "cpu": "100m","memory": "256Mi"

500 Group and Non-Openshift Projeccts..
5 Applicaitons in 5 Projects

Comment 8 errata-xmlrpc 2021-02-09 13:25:23 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.5.31 extras update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2021:0315

Note You need to log in before you can comment on or make changes to this bug.