Bug 2138753 - [KMIP] csi-kms resources are created for MCG only deployments
Summary: [KMIP] csi-kms resources are created for MCG only deployments
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat OpenShift Data Foundation
Classification: Red Hat Storage
Component: management-console
Version: 4.12
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: ---
: ODF 4.12.0
Assignee: Debjyoti Pandit
QA Contact: Rachael
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2022-10-31 06:11 UTC by Rachael
Modified: 2023-08-09 16:46 UTC (History)
9 users (show)

Fixed In Version: 4.12.0-114
Doc Type: No Doc Update
Doc Text:
Clone Of:
Environment:
Last Closed: 2023-02-08 14:06:28 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github red-hat-storage odf-console pull 515 0 None Merged fix: removed csi resources creation for mcg-standalone deployments 2022-11-14 06:33:53 UTC
Github red-hat-storage odf-console pull 521 0 None open Bug 2138753: [release-4.12] fix: removed csi resources creation for mcg-standalone deployments 2022-11-14 06:33:54 UTC
Github red-hat-storage odf-console pull 522 0 None open Bug 2138753: [release-4.12-compatibility] fix: removed csi resources creation for mcg-standalone deployments 2022-11-14 06:33:54 UTC

Description Rachael 2022-10-31 06:11:41 UTC 
Description of problem (please be detailed as possible and provide log
snippets):

For standalone MCG deployments using KMIP, csi-kms resources such as the thales-kmip-csi secret and csi-kms-connection-details configmap are also created, which are not required, since there are no ceph RBD components deployed.

$ oc get storagecluster -o yaml
apiVersion: v1
items:
- apiVersion: ocs.openshift.io/v1
  kind: StorageCluster
  metadata:
    annotations:
      uninstall.ocs.openshift.io/cleanup-policy: delete
      uninstall.ocs.openshift.io/mode: graceful
    creationTimestamp: "2022-10-31T05:54:05Z"
    finalizers:
    - storagecluster.ocs.openshift.io
    generation: 2
    name: ocs-storagecluster
    namespace: openshift-storage
    ownerReferences:
    - apiVersion: odf.openshift.io/v1alpha1
      kind: StorageSystem
      name: ocs-storagecluster-storagesystem
      uid: e45f753d-f4e4-4cff-8a72-0d0aedc9b12d
    resourceVersion: "74949"
    uid: a38170fa-9d18-4c3f-8e7e-7121bc4b23d5
  spec:
    arbiter: {}
    encryption:
      kms:
        enable: true
[...]
    multiCloudGateway:
      dbStorageClassName: gp2-csi
      reconcileStrategy: standalone


$ oc get cm |grep kms-connection-details
csi-kms-connection-details       1      11m
ocs-kms-connection-details       5      11m

$ oc get secret |grep thales
thales-kmip-csi-ht7veq                            Opaque                                4      12m
thales-kmip-ocs-vxzjqr                            Opaque                                4      12m


Version of all relevant components (if applicable):
---------------------------------------------------
OCP: 4.12.0-0.nightly-2022-10-25-210451
ODF: odf-operator.v4.12.0    full_version=4.12.0-82


Does this issue impact your ability to continue to work with the product
(please explain in detail what is the user impact)?
No


Is there any workaround available to the best of your knowledge?
No


Rate from 1 - 5 the complexity of the scenario you performed that caused this
bug (1 - very simple, 5 - very complex)?
2


Can this issue reproducible?
Yes

Can this issue reproduce from the UI?
Yes

If this is a regression, please provide more details to justify this:
No


Steps to Reproduce:
--------------------
1. Deploy a standalone MCG ODF cluster using Thales KMIP
2. Check for csi-kms-connection-details configmap and thales-kmip-csi secret


Actual results:
---------------
The csi-kms resources are created, even though they are not required and cannot be used in the cluster

Expected results:
-----------------
csi-kms resources should not be created
Note You need to log in before you can comment on or make changes to this bug.