This repository was archived by the owner on Dec 19, 2023. It is now read-only.
This repository was archived by the owner on Dec 19, 2023. It is now read-only.
auditLog dynamicBackend: enabled: true crashes on Openshift 4.4 #4
Description
Hi
Having issues when enabling auditLog
Running sysdig AgentOperator 1.8.3 installed through OLM
➜ oc version
Client Version: openshift-clients-4.3.0-201910250623-88-g6a937dfe
Server Version: 4.4.3
Kubernetes Version: v1.17.1
You can find my yaml bellow:
apiVersion: sysdig.com/v1
kind: SysdigAgent
metadata:
name: sysdigagent
namespace: sysdig
spec:
auditLog:
dynamicBackend:
enabled: true
enabled: true
daemonset:
annotations:
productID: SysdigSecureDevopsPlatform
productName: Sysdig Secure DevOps Platform
productVersion: 1.8.3
ebpf:
enabled: false
scc:
create: true
sysdig:
accessKey: super-secret-accessKey
Operator log output
I0731 12:30:41.363001 1 request.go:621] Throttling request took 1.042689163s, request: GET:https://172.30.0.1:443/apis/config.openshift.io/v1?timeout=32s
{"level":"error","ts":1596198647.7328732,"logger":"helm.controller","msg":"Release failed","namespace":"sysdig","name":"sysdig-agent","apiVersion":"sysdig.com/v1","kind":"SysdigAgent","release":"sysdig-agent","error":"failed to update release: failed to create resource: AuditSink.auditregistration.k8s.io \"sysdig-agent\" is invalid: spec.webhook.clientConfig.service.path: Invalid value: \"/k8s_audit\": segment[0]: a DNS-1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character (e.g. 'example.com', regex used for validation is '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*')","stacktrace":"github.com/go-logr/zapr.(*zapLogger).Error\n\tpkg/mod/github.com/go-logr/[email protected]/zapr.go:128\ngithub.com/operator-framework/operator-sdk/pkg/helm/controller.HelmOperatorReconciler.Reconcile\n\tsrc/github.com/operator-framework/operator-sdk/pkg/helm/controller/reconcile.go:247\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\tpkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:256\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\tpkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:232\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).worker\n\tpkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:211\nk8s.io/apimachinery/pkg/util/wait.BackoffUntil.func1\n\tpkg/mod/k8s.io/[email protected]/pkg/util/wait/wait.go:155\nk8s.io/apimachinery/pkg/util/wait.BackoffUntil\n\tpkg/mod/k8s.io/[email protected]/pkg/util/wait/wait.go:156\nk8s.io/apimachinery/pkg/util/wait.JitterUntil\n\tpkg/mod/k8s.io/[email protected]/pkg/util/wait/wait.go:133\nk8s.io/apimachinery/pkg/util/wait.Until\n\tpkg/mod/k8s.io/[email protected]/pkg/util/wait/wait.go:90"}
{"level":"error","ts":1596198647.7984922,"logger":"controller-runtime.controller","msg":"Reconciler error","controller":"sysdigagent-controller","request":"sysdig/sysdig-agent","error":"failed to update release: failed to create resource: AuditSink.auditregistration.k8s.io \"sysdig-agent\" is invalid: spec.webhook.clientConfig.service.path: Invalid value: \"/k8s_audit\": segment[0]: a DNS-1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character (e.g. 'example.com', regex used for validation is '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*')","stacktrace":"github.com/go-logr/zapr.(*zapLogger).Error\n\tpkg/mod/github.com/go-logr/[email protected]/zapr.go:128\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\tpkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:258\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\tpkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:232\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).worker\n\tpkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:211\nk8s.io/apimachinery/pkg/util/wait.BackoffUntil.func1\n\tpkg/mod/k8s.io/[email protected]/pkg/util/wait/wait.go:155\nk8s.io/apimachinery/pkg/util/wait.BackoffUntil\n\tpkg/mod/k8s.io/[email protected]/pkg/util/wait/wait.go:156\nk8s.io/apimachinery/pkg/util/wait.JitterUntil\n\tpkg/mod/k8s.io/[email protected]/pkg/util/wait/wait.go:133\nk8s.io/apimachinery/pkg/util/wait.Until\n\tpkg/mod/k8s.io/[email protected]/pkg/util/wait/wait.go:90"}