Bug 1914975 - Collect logs from openshift-sdn namespace
Summary: Collect logs from openshift-sdn namespace
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Insights Operator
Version: 4.7
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: ---
: 4.7.0
Assignee: Serhii Zakharov
QA Contact: Pavel Šimovec
URL:
Whiteboard:
Depends On:
Blocks: 1921554
TreeView+ depends on / blocked
 
Reported: 2021-01-11 16:07 UTC by Serhii Zakharov
Modified: 2021-02-24 15:52 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Feature: sdn pods (in "openshift-sdn" namespace) can log some interesting messages, which should be helpful for network troubleshooting. The interesting messages are: - “Got OnEndpointsUpdate for unknown Endpoints” and* “"Got OnEndpointsDelete for unknown Endpoints”:* an event has been received to update some endpoints that don’t exist. It would indicate abnormal access to the API or too slow synchronization with it. - “Unable to update proxy firewall for policy”: SDN has internally requested the update of a policy that has not been found. Kind of a strange scenario, indicating bad or low performant access to API. - “Failed to update proxy firewall for policy: %v, Could not get EgressNetworkPolicies: %v”: Reason: Result:
Clone Of:
: 1921554 (view as bug list)
Environment:
Last Closed: 2021-02-24 15:51:51 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift insights-operator pull 309 0 None closed Bug 1914975: Collect logs from openshift-sdn namespace 2021-01-28 07:28:23 UTC
Red Hat Product Errata RHSA-2020:5633 0 None None None 2021-02-24 15:52:13 UTC

Description Serhii Zakharov 2021-01-11 16:07:13 UTC 
sdn pods (in "openshift-sdn" namespace) can log some interesting messages, which should be helpful for network troubleshooting. The interesting messages are:

    “Got OnEndpointsUpdate for unknown Endpoints” and* “"Got OnEndpointsDelete for unknown Endpoints”:* an event has been received to update some endpoints that don’t exist. It would indicate abnormal access to the API or too slow synchronization with it.
    “Unable to update proxy firewall for policy”: SDN has internally requested the update of a policy that has not been found. Kind of a strange scenario, indicating bad or low performant access to API.
    “Failed to update proxy firewall for policy: %v, Could not get EgressNetworkPolicies: %v”:

As IO is gathered every 2hrs we want to gather latest occurrences of those errors in logs

This list was prepared by CEE SME Pablo Alonso Rodriguez who should be consulted if needed

Acceptance criteria:

    Gather and collect above messages from sdn pods

Contact if clarifications needed: CEE SME Pablo Alonso Rodriguez
Comment 2 Pavel Šimovec 2021-01-14 11:35:43 UTC 
Archive contains:
config/pod/openshift-sdn/sdn-controller-r6pn2.json

verified on commit with hash bbe71609b0135def20bf82880e60cc90545ace77
Comment 5 errata-xmlrpc 2021-02-24 15:51:51 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:5633
Note You need to log in before you can comment on or make changes to this bug.