OpenShift v4.7 버전부터 Insight Operator 기능이 추가 되었다.
이것은 기존의 클러스터 환경에 대한 정보를 수집하고 cloud.redhat.com에서
Insigt Report 기반으로 클러스터에 대한 정보를 진단하는 기능을 가지고 있다.
이 기능이 Disconnected 환경에서는 외부로 수집될 이유가 없으므로, 이를 비활성화 한다.
openshift-insight operator에서 서버로 사용하는 server.yaml 파일을 확인 해본다.
[root@bastion ~]# oc exec insights-operator-5f4fd54f6c-z9txw -n openshift-insights -- cat /etc/insights-operator/server.yaml
kind: GenericOperatorConfig
apiVersion: operator.openshift.io/v1alpha1
leaderElection:
disable: true
interval: "2h"
storagePath: /var/lib/insights-operator
endpoint: https://cloud.redhat.com/api/ingress/v1/upload
impersonate: system:serviceaccount:openshift-insights:gather
pull_report:
endpoint: https://cloud.redhat.com/api/insights-results-aggregator/v1/clusters/%s/report
delay: "60s"
timeout: "3000s"
min_retry: "30s"
gather:
- ALL
insights-operator가 클러스터 정보를 수집한 파일을 /var/lib/insights-operator/ 디렉토리에 저장하고,
endpoint 주소에 2시간 간격으로 업로드하여 정보를 수집하도록 되어있다.
Disconnected 환경에서는 endpoint로 통신할 이유가 없으므로, endpoint를 제거하여 더 이상 확인 하지 않도록 설정 한다.
insights-operator가 사용하는 server.yaml 파일을 아래 형식으로 custom 하여 configmap을 생성한다.
[root@bastion ~]# vi insights-local.yaml
kind: ConfigMap
apiVersion: v1
metadata:
name: insights-local
namespace: openshift-insights
data:
server.yaml: |
kind: GenericOperatorConfig
apiVersion: operator.openshift.io/v1alpha1
leaderElection:
disable: true
storagePath: /var/lib/insights-operator
impersonate: system:serviceaccount:openshift-insights:gather
gather:
- ALL
$ oc create -f insights-local.yaml
openshift-insights 프로젝트의 Deployment에 2번에서 생성한 ConfigMap을 Volume Mount하여,
custom server.yaml 설정 파일을 사용하도록 한다.
[root@bastion ~]# oc edit deployment insights-operator -n openshift-insights
kind: Deployment
apiVersion: apps/v1
metadata:
name: insights-operator
namespace: openshift-insights
spec:
replicas: 1
selector:
matchLabels:
app: insights-operator
template:
metadata:
creationTimestamp: null
labels:
app: insights-operator
annotations:
target.workload.openshift.io/management: '{"effect": "PreferredDuringScheduling"}'
spec:
nodeSelector:
beta.kubernetes.io/os: linux
node-role.kubernetes.io/master: ''
restartPolicy: Always
serviceAccountName: operator
schedulerName: default-scheduler
terminationGracePeriodSeconds: 30
securityContext: {}
containers:
- resources:
requests:
cpu: 10m
memory: 30Mi
terminationMessagePath: /dev/termination-log
name: insights-operator
env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: RELEASE_VERSION
value: 4.8.18
ports:
- name: https
containerPort: 8443
protocol: TCP
imagePullPolicy: IfNotPresent
volumeMounts:
- name: insights-local
mountPath: /etc/insights-operator
- name: snapshots
mountPath: /var/lib/insights-operator
- name: trusted-ca-bundle
readOnly: true
mountPath: /var/run/configmaps/trusted-ca-bundle
- name: service-ca-bundle
readOnly: true
mountPath: /var/run/configmaps/service-ca-bundle
- name: serving-cert
mountPath: /var/run/secrets/serving-cert
terminationMessagePolicy: FallbackToLogsOnError
image: >-
quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:ad63d3de50d6aef18e3c423c92827f899572e063ce25c3a128a81bb795f09af8
args:
- start
- '-v=4'
- '--config=/etc/insights-operator/server.yaml'
serviceAccount: operator
volumes:
- name: insights-local
configMap:
name: insights-local
items:
- key: server.yaml
path: server.yaml
defaultMode: 420
optional: true
- name: snapshots
emptyDir: {}
- name: trusted-ca-bundle
configMap:
name: trusted-ca-bundle
defaultMode: 420
optional: true
- name: service-ca-bundle
configMap:
name: service-ca-bundle
defaultMode: 420
optional: true
- name: serving-cert
secret:
secretName: openshift-insights-serving-cert
defaultMode: 420
optional: true
dnsPolicy: ClusterFirst
tolerations:
- key: node-role.kubernetes.io/master
operator: Exists
effect: NoSchedule
- key: node.kubernetes.io/unreachable
operator: Exists
effect: NoExecute
tolerationSeconds: 900
- key: node.kubernetes.io/not-ready
operator: Exists
effect: NoExecute
tolerationSeconds: 900
priorityClassName: system-cluster-critical
strategy:
type: Recreate
revisionHistoryLimit: 10
progressDeadlineSeconds: 600
endpoint를 제거하였으므로, cloud.redhat.com에 더 이상 클러스터 정보를 업로드 및 수집하지 않게 되었다.
[root@bastion ~]# oc logs -f insights-operator-5f4fd54f6c-xlkxz -n openshift-insights
I1106 01:51:48.581346 1 cmd.go:200] Using service-serving-cert provided certificates
I1106 01:51:48.581991 1 observer_polling.go:74] Adding reactor for file "/var/run/secrets/serving-cert/tls.crt"
I1106 01:51:48.582059 1 observer_polling.go:74] Adding reactor for file "/var/run/secrets/serving-cert/tls.key"
I1106 01:51:48.582095 1 observer_polling.go:52] Starting from specified content for file "/etc/insights-operator/server.yaml"
I1106 01:51:48.582108 1 observer_polling.go:52] Starting from specified content for file "/var/run/configmaps/service-ca-bundle/service-ca.crt"
I1106 01:51:48.582582 1 observer_polling.go:159] Starting file observer
I1106 01:51:48.582835 1 observer_polling.go:135] File observer successfully synced
W1106 01:51:48.602989 1 builder.go:209] unable to get owner reference (falling back to namespace): replicasets.apps "insights-operator-5f4fd54f6c" is forbidden: User "system:serviceaccount:openshift-insights:operator" cannot get resource "replicasets" in API group "apps" in the namespace "openshift-insights"
I1106 01:51:48.603734 1 dynamic_serving_content.go:111] Loaded a new cert/key pair for "serving-cert::/var/run/secrets/serving-cert/tls.crt::/var/run/secrets/serving-cert/tls.key"
I1106 01:51:49.066076 1 requestheader_controller.go:244] Loaded a new request header values for RequestHeaderAuthRequestController
I1106 01:51:49.068485 1 config.go:658] Not requested to run hook priority-and-fairness-config-consumer
I1106 01:51:49.070093 1 operator.go:48] Starting insights-operator v0.0.0-master+$Format:%H$
I1106 01:51:49.070366 1 config.go:207] Current config: {"report":false,"storagePath":"/var/lib/insights-operator","interval":"","endpoint":"","pull_report":{"endpoint":"","delay":"","timeout":"","min_retry":""},"impersonate":"system:serviceaccount:openshift-insights:gather","gather":["ALL"],"enableGlobalObfuscation":false}
W1106 01:51:49.073789 1 secure_serving.go:69] Use of insecure cipher 'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256' detected.
W1106 01:51:49.073812 1 secure_serving.go:69] Use of insecure cipher 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256' detected.
I1106 01:51:49.073976 1 configobserver.go:308] Configuration set: enabled=false endpoint= interval=10m0s username=false token=false reportEndpoint=https://cloud.redhat.com/api/insights-results-aggregator/v1/clusters/%s/report initialPollingDelay=1m0s minRetryTime=10s pollingTimeout=30m0s
I1106 01:51:49.074013 1 configobserver.go:77] Refreshing configuration from cluster pull secret
I1106 01:51:49.077994 1 configobserver.go:102] Found cloud.openshift.com token
I1106 01:51:49.078029 1 configobserver.go:296] Configuration updated: enabled=false endpoint= interval=10m0s username=false token=true reportEndpoint=https://cloud.redhat.com/api/insights-results-aggregator/v1/clusters/%s/report initialPollingDelay=1m0s minRetryTime=10s pollingTimeout=30m0s
I1106 01:51:49.078036 1 configobserver.go:120] Refreshing configuration from cluster secret
I1106 01:51:49.078353 1 requestheader_controller.go:169] Starting RequestHeaderAuthRequestController
I1106 01:51:49.078370 1 shared_informer.go:240] Waiting for caches to sync for RequestHeaderAuthRequestController
I1106 01:51:49.078403 1 configmap_cafile_content.go:202] Starting client-ca::kube-system::extension-apiserver-authentication::client-ca-file
I1106 01:51:49.078414 1 shared_informer.go:240] Waiting for caches to sync for client-ca::kube-system::extension-apiserver-authentication::client-ca-file
I1106 01:51:49.078591 1 reflector.go:219] Starting reflector *v1.ConfigMap (12h0m0s) from k8s.io/apiserver/pkg/server/dynamiccertificates/configmap_cafile_content.go:206
I1106 01:51:49.078598 1 reflector.go:219] Starting reflector *v1.ConfigMap (12h0m0s) from k8s.io/apiserver/pkg/authentication/request/headerrequest/requestheader_controller.go:172
I1106 01:51:49.078616 1 reflector.go:255] Listing and watching *v1.ConfigMap from k8s.io/apiserver/pkg/authentication/request/headerrequest/requestheader_controller.go:172
I1106 01:51:49.078636 1 configmap_cafile_content.go:202] Starting client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file
I1106 01:51:49.078643 1 shared_informer.go:240] Waiting for caches to sync for client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file
I1106 01:51:49.078766 1 reflector.go:219] Starting reflector *v1.ConfigMap (12h0m0s) from k8s.io/apiserver/pkg/server/dynamiccertificates/configmap_cafile_content.go:206
I1106 01:51:49.078776 1 reflector.go:255] Listing and watching *v1.ConfigMap from k8s.io/apiserver/pkg/server/dynamiccertificates/configmap_cafile_content.go:206
I1106 01:51:49.078610 1 reflector.go:255] Listing and watching *v1.ConfigMap from k8s.io/apiserver/pkg/server/dynamiccertificates/configmap_cafile_content.go:206
I1106 01:51:49.078992 1 tlsconfig.go:200] loaded serving cert ["serving-cert::/var/run/secrets/serving-cert/tls.crt::/var/run/secrets/serving-cert/tls.key"]: "metrics.openshift-insights.svc" [serving] validServingFor=[metrics.openshift-insights.svc,metrics.openshift-insights.svc.cluster.local] issuer="openshift-service-serving-signer@1629960410" (2021-08-26 06:47:00 +0000 UTC to 2023-08-26 06:47:01 +0000 UTC (now=2021-11-06 01:51:49.078969949 +0000 UTC))
I1106 01:51:49.079025 1 dynamic_serving_content.go:130] Starting serving-cert::/var/run/secrets/serving-cert/tls.crt::/var/run/secrets/serving-cert/tls.key
I1106 01:51:49.079220 1 named_certificates.go:53] loaded SNI cert [0/"self-signed loopback"]: "apiserver-loopback-client@1636163509" [serving] validServingFor=[apiserver-loopback-client] issuer="apiserver-loopback-client-ca@1636163508" (2021-11-06 00:51:48 +0000 UTC to 2022-11-06 00:51:48 +0000 UTC (now=2021-11-06 01:51:49.079210111 +0000 UTC))
I1106 01:51:49.079389 1 secure_serving.go:197] Serving securely on [::]:8443
I1106 01:51:49.079498 1 tlsconfig.go:240] Starting DynamicServingCertificateController
I1106 01:51:49.081900 1 configobserver.go:124] Support secret does not exist
I1106 01:51:49.082063 1 configobserver.go:77] Refreshing configuration from cluster pull secret
I1106 01:51:49.082175 1 recorder.go:120] Pruning old reports every 32m55s, max age is 24h0m0s
I1106 01:51:49.085434 1 configobserver.go:102] Found cloud.openshift.com token
I1106 01:51:49.085472 1 configobserver.go:120] Refreshing configuration from cluster secret
I1106 01:51:49.087205 1 periodic.go:95] Gather is disabled by configuration.
I1106 01:51:49.087234 1 periodic.go:176] Gathering cluster info every 10m0s
I1106 01:51:49.089251 1 configobserver.go:124] Support secret does not exist
I1106 01:51:49.091372 1 status.go:101] Initializing last reported time to 0001-01-01T00:00:00Z
I1106 01:51:49.091422 1 status.go:413] The initial operator extension status is healthy
I1106 01:51:49.091467 1 status.go:142] Source 0 *controllerstatus.Simple is not ready
I1106 01:51:49.091495 1 status.go:142] Source 1 *controllerstatus.Simple is not ready
I1106 01:51:49.091517 1 status.go:142] Source 2 *insightsuploader.Controller is not ready
I1106 01:51:49.091550 1 status.go:308] The operator is still being initialized
I1106 01:51:49.091607 1 status.go:427] No status update necessary, objects are identical
W1106 01:51:49.091634 1 operator.go:168] started
I1106 01:51:49.091667 1 controllerstatus.go:49] name=insightsreport healthy=true reason= message=
I1106 01:51:49.091686 1 insightsreport.go:214] Starting report retriever
I1106 01:51:49.091703 1 insightsreport.go:215] Initial config: &{false /var/lib/insights-operator 10m0s https://cloud.redhat.com/api/insights-results-aggregator/v1/clusters/%s/report 1m0s 10s 30m0s system:serviceaccount:openshift-insights:gather [ALL] false b3BlbnNoaWZ0LXJlbGVhc2UtZGV2K29jbV9hY2Nlc3NfNjlmMDQwZGZiM2I0NDhkMWIxMjA3MjAzYTliMzdhYjQ6OEg2RENGV0VaTjJMOU1URlBRUTJCNU1GU1AzRzBIUFo1N0hXVzRHME1RR1RZUFlEQlM4REs2Q1pEMTdXUFlRUQ== { }}
I1106 01:51:49.091902 1 controllerstatus.go:49] name=insightsuploader healthy=true reason= message=
I1106 01:51:49.091932 1 insightsuploader.go:86] Reporting status periodically to every 10m0s, starting in 0s
I1106 01:51:49.092007 1 insightsuploader.go:120] Nothing to report since 0001-01-01T00:00:00Z
I1106 01:51:49.097560 1 status.go:142] Source 0 *controllerstatus.Simple is not ready
I1106 01:51:49.097615 1 status.go:142] Source 1 *controllerstatus.Simple is not ready
I1106 01:51:49.097645 1 status.go:308] The operator is still being initialized
I1106 01:51:49.097707 1 status.go:427] No status update necessary, objects are identical
I1106 01:51:49.179735 1 shared_informer.go:270] caches populated
I1106 01:51:49.179848 1 shared_informer.go:247] Caches are synced for client-ca::kube-system::extension-apiserver-authentication::client-ca-file
I1106 01:51:49.179736 1 shared_informer.go:270] caches populated
I1106 01:51:49.179940 1 shared_informer.go:247] Caches are synced for client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file
I1106 01:51:49.179764 1 shared_informer.go:270] caches populated
I1106 01:51:49.180003 1 shared_informer.go:247] Caches are synced for RequestHeaderAuthRequestController
I1106 01:51:49.180635 1 tlsconfig.go:178] loaded client CA [0/"client-ca::kube-system::extension-apiserver-authentication::client-ca-file,client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file"]: "openshift-kube-apiserver-operator_aggregator-client-signer@1633916898" [] issuer="<self>" (2021-10-11 01:48:17 +0000 UTC to 2021-11-10 01:48:18 +0000 UTC (now=2021-11-06 01:51:49.180414938 +0000 UTC))
I1106 01:51:49.180739 1 tlsconfig.go:178] loaded client CA [1/"client-ca::kube-system::extension-apiserver-authentication::client-ca-file,client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file"]: "openshift-kube-apiserver-operator_aggregator-client-signer@1635212915" [] issuer="<self>" (2021-10-26 01:48:35 +0000 UTC to 2021-11-25 01:48:36 +0000 UTC (now=2021-11-06 01:51:49.180726409 +0000 UTC))
I1106 01:51:49.181098 1 tlsconfig.go:200] loaded serving cert ["serving-cert::/var/run/secrets/serving-cert/tls.crt::/var/run/secrets/serving-cert/tls.key"]: "metrics.openshift-insights.svc" [serving] validServingFor=[metrics.openshift-insights.svc,metrics.openshift-insights.svc.cluster.local] issuer="openshift-service-serving-signer@1629960410" (2021-08-26 06:47:00 +0000 UTC to 2023-08-26 06:47:01 +0000 UTC (now=2021-11-06 01:51:49.181082326 +0000 UTC))
I1106 01:51:49.181316 1 named_certificates.go:53] loaded SNI cert [0/"self-signed loopback"]: "apiserver-loopback-client@1636163509" [serving] validServingFor=[apiserver-loopback-client] issuer="apiserver-loopback-client-ca@1636163508" (2021-11-06 00:51:48 +0000 UTC to 2022-11-06 00:51:48 +0000 UTC (now=2021-11-06 01:51:49.181305305 +0000 UTC))
I1106 01:51:49.181930 1 tlsconfig.go:178] loaded client CA [0/"client-ca::kube-system::extension-apiserver-authentication::client-ca-file,client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file"]: "admin-kubeconfig-signer" [] issuer="<self>" (2021-08-26 06:35:03 +0000 UTC to 2031-08-24 06:35:03 +0000 UTC (now=2021-11-06 01:51:49.181919576 +0000 UTC))
I1106 01:51:49.182004 1 tlsconfig.go:178] loaded client CA [1/"client-ca::kube-system::extension-apiserver-authentication::client-ca-file,client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file"]: "kube-control-plane-signer" [] issuer="<self>" (2021-08-26 06:35:09 +0000 UTC to 2022-08-26 06:35:09 +0000 UTC (now=2021-11-06 01:51:49.181995869 +0000 UTC))
I1106 01:51:49.182069 1 tlsconfig.go:178] loaded client CA [2/"client-ca::kube-system::extension-apiserver-authentication::client-ca-file,client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file"]: "kube-apiserver-to-kubelet-signer" [] issuer="<self>" (2021-08-26 06:35:09 +0000 UTC to 2022-08-26 06:35:09 +0000 UTC (now=2021-11-06 01:51:49.182057394 +0000 UTC))
I1106 01:51:49.182113 1 tlsconfig.go:178] loaded client CA [3/"client-ca::kube-system::extension-apiserver-authentication::client-ca-file,client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file"]: "kubelet-bootstrap-kubeconfig-signer" [] issuer="<self>" (2021-08-26 06:35:04 +0000 UTC to 2031-08-24 06:35:04 +0000 UTC (now=2021-11-06 01:51:49.182104317 +0000 UTC))
I1106 01:51:49.182147 1 tlsconfig.go:178] loaded client CA [4/"client-ca::kube-system::extension-apiserver-authentication::client-ca-file,client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file"]: "openshift-kube-apiserver-operator_node-system-admin-signer@1629960411" [] issuer="<self>" (2021-08-26 06:46:50 +0000 UTC to 2022-08-26 06:46:51 +0000 UTC (now=2021-11-06 01:51:49.182139709 +0000 UTC))
I1106 01:51:49.182187 1 tlsconfig.go:178] loaded client CA [5/"client-ca::kube-system::extension-apiserver-authentication::client-ca-file,client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file"]: "openshift-kube-apiserver-operator_kube-control-plane-signer@1632551709" [] issuer="<self>" (2021-09-25 06:35:08 +0000 UTC to 2021-11-24 06:35:09 +0000 UTC (now=2021-11-06 01:51:49.182177869 +0000 UTC))
I1106 01:51:49.182218 1 tlsconfig.go:178] loaded client CA [6/"client-ca::kube-system::extension-apiserver-authentication::client-ca-file,client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file"]: "openshift-kube-controller-manager-operator_csr-signer-signer@1632620836" [] issuer="<self>" (2021-09-26 01:47:15 +0000 UTC to 2021-11-25 01:47:16 +0000 UTC (now=2021-11-06 01:51:49.182209503 +0000 UTC))
I1106 01:51:49.182266 1 tlsconfig.go:178] loaded client CA [7/"client-ca::kube-system::extension-apiserver-authentication::client-ca-file,client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file"]: "kube-csr-signer_@1634046438" [] issuer="openshift-kube-controller-manager-operator_csr-signer-signer@1632620836" (2021-10-12 13:47:17 +0000 UTC to 2021-11-11 13:47:18 +0000 UTC (now=2021-11-06 01:51:49.182259462 +0000 UTC))
I1106 01:51:49.182295 1 tlsconfig.go:178] loaded client CA [8/"client-ca::kube-system::extension-apiserver-authentication::client-ca-file,client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file"]: "openshift-kube-apiserver-operator_kube-control-plane-signer@1635143711" [] issuer="<self>" (2021-10-25 06:35:10 +0000 UTC to 2021-12-24 06:35:11 +0000 UTC (now=2021-11-06 01:51:49.182288964 +0000 UTC))
I1106 01:51:49.182335 1 tlsconfig.go:178] loaded client CA [9/"client-ca::kube-system::extension-apiserver-authentication::client-ca-file,client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file"]: "openshift-kube-controller-manager-operator_csr-signer-signer@1635212838" [] issuer="<self>" (2021-10-26 01:47:17 +0000 UTC to 2021-12-25 01:47:18 +0000 UTC (now=2021-11-06 01:51:49.182328298 +0000 UTC))
I1106 01:51:49.182364 1 tlsconfig.go:178] loaded client CA [10/"client-ca::kube-system::extension-apiserver-authentication::client-ca-file,client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file"]: "kube-csr-signer_@1635342437" [] issuer="openshift-kube-controller-manager-operator_csr-signer-signer@1635212838" (2021-10-27 13:47:16 +0000 UTC to 2021-11-26 13:47:17 +0000 UTC (now=2021-11-06 01:51:49.182356126 +0000 UTC))
I1106 01:51:49.182392 1 tlsconfig.go:178] loaded client CA [11/"client-ca::kube-system::extension-apiserver-authentication::client-ca-file,client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file"]: "openshift-kube-apiserver-operator_aggregator-client-signer@1633916898" [] issuer="<self>" (2021-10-11 01:48:17 +0000 UTC to 2021-11-10 01:48:18 +0000 UTC (now=2021-11-06 01:51:49.182385207 +0000 UTC))
I1106 01:51:49.182420 1 tlsconfig.go:178] loaded client CA [12/"client-ca::kube-system::extension-apiserver-authentication::client-ca-file,client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file"]: "openshift-kube-apiserver-operator_aggregator-client-signer@1635212915" [] issuer="<self>" (2021-10-26 01:48:35 +0000 UTC to 2021-11-25 01:48:36 +0000 UTC (now=2021-11-06 01:51:49.182413452 +0000 UTC))
I1106 01:51:49.182643 1 tlsconfig.go:200] loaded serving cert ["serving-cert::/var/run/secrets/serving-cert/tls.crt::/var/run/secrets/serving-cert/tls.key"]: "metrics.openshift-insights.svc" [serving] validServingFor=[metrics.openshift-insights.svc,metrics.openshift-insights.svc.cluster.local] issuer="openshift-service-serving-signer@1629960410" (2021-08-26 06:47:00 +0000 UTC to 2023-08-26 06:47:01 +0000 UTC (now=2021-11-06 01:51:49.182634806 +0000 UTC))
I1106 01:51:49.182851 1 named_certificates.go:53] loaded SNI cert [0/"self-signed loopback"]: "apiserver-loopback-client@1636163509" [serving] validServingFor=[apiserver-loopback-client] issuer="apiserver-loopback-client-ca@1636163508" (2021-11-06 00:51:48 +0000 UTC to 2022-11-06 00:51:48 +0000 UTC (now=2021-11-06 01:51:49.182843224 +0000 UTC))
I1106 01:51:57.317071 1 httplog.go:89] "HTTP" verb="GET" URI="/metrics" latency="17.633241ms" userAgent="Prometheus/2.26.1" srcIP="192.168.0.22:38182" resp=200
I1106 01:52:04.092341 1 insightsuploader.go:120] Nothing to report since 0001-01-01T00:00:00Z
I1106 01:52:27.089647 1 httplog.go:89] "HTTP" verb="GET" URI="/metrics" latency="9.535687ms" userAgent="Prometheus/2.26.1" srcIP="192.168.0.22:38182" resp=200
I1106 01:52:49.094509 1 insightsuploader.go:120] Nothing to report since 0001-01-01T00:00:00Z
I1106 01:52:57.093322 1 httplog.go:89] "HTTP" verb="GET" URI="/metrics" latency="12.861104ms" userAgent="Prometheus/2.26.1" srcIP="192.168.0.22:38182" resp=200
I1106 01:53:04.095043 1 insightsuploader.go:120] Nothing to report since 0001-01-01T00:00:00Z
[1]: GitHub - OpenShift insights-operator: public
[2]: GitHub - OpenShift insights-operator: local
[3]: Gist - Insights Operator Deployment: VolumeMount
[4]: Gist - Insights Operator Deployment: Volumes