Bug 2079919 - rook - depreacted API 1.25 calls
Summary: rook - depreacted API 1.25 calls
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat OpenShift Data Foundation
Classification: Red Hat Storage
Component: rook
Version: 4.10
Hardware: Unspecified
OS: Unspecified
unspecified
high
Target Milestone: ---
: ---
Assignee: Subham Rai
QA Contact: Neha Berry
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2022-04-28 13:57 UTC by Ruth Netser
Modified: 2023-08-09 17:03 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2022-04-29 15:59:18 UTC
Embargoed:


Attachments (Terms of Use)

Description Ruth Netser 2022-04-28 13:57:22 UTC
Description of problem (please be detailed as possible and provide log
snippests):
rook - Deprecated 1.25 API call 

{'kind': 'Event', 'apiVersion': 'audit.k8s.io/v1', 'level': 'Metadata', 'auditID': '040e98f5-d0ad-4506-973c-affb38656739', 'stage': 'ResponseComplete', 'requestURI': '/apis/batch/v1beta1/namespaces/openshift-storage/cronjobs/rook-ceph-crashcollector-pruner', 'verb': 'delete', 'user': {'username': 'system:serviceaccount:openshift-storage:rook-ceph-system', 'uid': '2bdf7743-86be-4a50-bb1e-2cacb378929d', 'groups': ['system:serviceaccounts', 'system:serviceaccounts:openshift-storage', 'system:authenticated'], 'extra': {'authentication.kubernetes.io/pod-name': ['rook-ceph-operator-58fcc48878-lsz79'], 'authentication.kubernetes.io/pod-uid': ['401922bf-a9cf-4c86-baa0-ddf15311b7ab']}}, 'sourceIPs': ['192.168.2.41'], 'userAgent': 'rook/v0.0.0 (linux/amd64) kubernetes/$Format', 'objectRef': {'resource': 'cronjobs', 'namespace': 'openshift-storage', 'name': 'rook-ceph-crashcollector-pruner', 'apiGroup': 'batch', 'apiVersion': 'v1beta1'}, 'responseStatus': {'metadata': {}, 'status': 'Failure', 'reason': 'NotFound', 'code': 404}, 'requestReceivedTimestamp': '2022-04-28T08:34:34.266253Z', 'stageTimestamp': '2022-04-28T08:34:34.271390Z', 'annotations': {'authorization.k8s.io/decision': 'allow', 'authorization.k8s.io/reason': 'RBAC: allowed by ClusterRoleBinding "ocs-operator.v4.10.1-f6dd8859" of ClusterRole "ocs-operator.v4.10.1-f6dd8859" to ServiceAccount "rook-ceph-system/openshift-storage"', 'k8s.io/deprecated': 'true', 'k8s.io/removed-release': '1.25'}}




Version of all relevant components (if applicable):
$ oc get csv -n openshift-storage --show-labels=true
NAME                   DISPLAY                       VERSION   REPLACES               PHASE       LABELS
mcg-operator.v4.10.1   NooBaa Operator               4.10.1    mcg-operator.v4.10.0   Succeeded   operators.coreos.com/mcg-operator.openshift-storage=
ocs-operator.v4.10.1   OpenShift Container Storage   4.10.1    ocs-operator.v4.10.0   Succeeded   full_version=4.10.1-3,operatorframework.io/arch.amd64=supported,operatorframework.io/arch.ppc64le=supported,operatorframework.io/arch.s390x=supported,operators.coreos.com/ocs-operator.openshift-storage=
odf-operator.v4.10.1   OpenShift Data Foundation     4.10.1    odf-operator.v4.10.0   Succeeded   full_version=4.10.1-2,operatorframework.io/arch.amd64=supported,operatorframework.io/arch.ppc64le=supported,operatorframework.io/arch.s390x=supported,operators.coreos.com/odf-operator.openshift-storage=


Does this issue impact your ability to continue to work with the product
(please explain in detail what is the user impact)?


Is there any workaround available to the best of your knowledge?


Rate from 1 - 5 the complexity of the scenario you performed that caused this
bug (1 - very simple, 5 - very complex)?


Can this issue reproducible?


Can this issue reproduce from the UI?


If this is a regression, please provide more details to justify this:


Steps to Reproduce:
Get depreacted api calls:
1. get audit logs - oc adm node-logs --role=master --path=kube-apiserver | grep audit
2. look for deprecated calls in each log, for example: oc adm node-logs c01-rn411-old-dp7mm-master-0 --path=kube-apiserver/audit-2022-04-28T04-41-14.820.log | grep '"k8s.io/deprecated":"true"'


Actual results:


Expected results:


Additional info:

Comment 2 Travis Nielsen 2022-04-28 15:08:18 UTC
Rook stopped using the v1beta1 cronjob for the crash collector pruner a long time ago, the fix certainly would have been in 4.10.
https://github.com/rook/rook/pull/8114

Subham please take a look to see if the v1beta1 cronjob might still be used somewhere.

Comment 3 Subham Rai 2022-04-29 06:59:37 UTC
This is expected since, before creating v1 resources for cronJOb we delete v1beta1 that's why we are seeing this warning and in the warning also we can confirm that it is coming for delete only `'verb': 'delete'` as expected. So, I think we can close this BZ if we agree.

Comment 4 Travis Nielsen 2022-04-29 15:59:18 UTC
Agreed, this is expected since it's just a delete command. Rook only creates the v1 CronJob in newer versions, so we're not using any deprecated resources.


Note You need to log in before you can comment on or make changes to this bug.