You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I tried to implement this in OpenShift Container Platform. Was able to setup and deployment/pod is up and running. But while trying to access Metrics endpoint via curl facing some 500 error
Connected to 192.168.11.95 (192.168.11.95) port 9141 (#0)
GET /metrics HTTP/1.1
Host: 192.168.11.95:9141
User-Agent: curl/7.61.1
Accept: /
< HTTP/1.1 500 Internal Server Error
< Content-Type: text/plain; charset=utf-8
< X-Content-Type-Options: nosniff
< Date: Mon, 11 Dec 2023 17:49:20 GMT
< Transfer-Encoding: chunked
<
An error has occurred while serving metrics:
18 error(s) occurred:
collected metric "opa_scorecard_constraint_violations" { label:<name:"kind" value:"K8sAssetUUID" > label:<name:"name" value:"assetuuid" > label:<name:"violating_kind" value:"Pod" > label:<name:"violating_name" value:"service-65d669b69f-g6k2v" > label:<name:"violating_namespace" value:"openshift-update-service" > label:<name:"violation_enforcement" value:"warn" > label:<name:"violation_msg" value:"Pod has a missing assetuuid. pod: service-65d669b69f-g6k2v" > gauge:<value:1 > } was collected before with the same name and label values
collected metric "opa_scorecard_constraint_violations" { label:<name:"kind" value:"K8sAssetUUID" > label:<name:"name" value:"assetuuid" > label:<name:"violating_kind" value:"Pod" > label:<name:"violating_name" value:"service-65d669b69f-g6k2v" > label:<name:"violating_namespace" value:"openshift-update-service" > label:<name:"violation_enforcement" value:"warn" > label:<name:"violation_msg" value:"Pod has a missing assetuuid. pod: service-65d669b69f-g6k2v" > gauge:<value:1 > } was collected before with the same name and label values
.
.
.
.
Connection #0 to host 192.168.11.95 left intact
sh-4.4$
Could you please advise me what is worng configuration going here?
OpenShift Target is also showing same 500 error code and Prometheus is not fetching any metrics.
Have added liveness and readiness probes as well and pod is coming up fine. Not seeing any error or warningh in opa-exporter pod log
@mcelep @Knappek @Gaardsholt @laimison
Hello Team
I tried to implement this in OpenShift Container Platform. Was able to setup and deployment/pod is up and running. But while trying to access Metrics endpoint via curl facing some 500 error
sh-4.4$ curl -kvs http://192.168.11.95:9141/metrics
< HTTP/1.1 500 Internal Server Error
< Content-Type: text/plain; charset=utf-8
< X-Content-Type-Options: nosniff
< Date: Mon, 11 Dec 2023 17:49:20 GMT
< Transfer-Encoding: chunked
<
An error has occurred while serving metrics:
18 error(s) occurred:
.
.
.
.
sh-4.4$
Could you please advise me what is worng configuration going here?
OpenShift Target is also showing same 500 error code and Prometheus is not fetching any metrics.
Have added liveness and readiness probes as well and pod is coming up fine. Not seeing any error or warningh in opa-exporter pod log
opa-pod log
2023/12/11 17:55:46 Kind:K8sPSPHostNetworkingPorts, Name:host-network-ports, Namespace:
2023/12/11 17:55:46 Kind:K8sPSPAllowedUsers, Name:allowed-user-ranges, Namespace:
2023/12/11 17:55:46 Kind:K8sPodDisruptionBudget, Name:pod-distruption-budget, Namespace:
2023/12/11 17:55:46 Kind:K8sPSPForbiddenSysctls, Name:sysctls-forbidden, Namespace:
2023/12/11 17:55:46 Kind:K8sPSPReadOnlyRootFilesystem, Name:read-only-root-filesystem, Namespace:
2023/12/11 17:55:46 Kind:K8sPSPSeccomp, Name:psp-seccomp, Namespace:
2023/12/11 17:55:46 Kind:K8sAllowDefaultNamespaceWorkloads, Name:allow-default-namespace-workloads, Namespace:
2023/12/11 17:55:46 Kind:K8sContainerLimits, Name:container-must-have-limits, Namespace:
2023/12/11 17:55:46 Kind:K8sPSPCapabilities, Name:capabilities, Namespace:
2023/12/11 17:55:46 Kind:K8sPSPVolumeTypes, Name:volume-types, Namespace:
2023/12/11 17:55:46 Kind:K8sPSPHostNamespace, Name:host-namespaces, Namespace:
2023/12/11 17:55:46 Kind:K8sContainerRequests, Name:container-must-have-requests, Namespace:
2023/12/11 17:55:46 Kind:K8sAllowedRepos, Name:trusted-repos, Namespace:
2023/12/11 17:55:46 Kind:K8sAssetUUID, Name:assetuuid, Namespace:
2023/12/11 17:55:46 Kind:K8sPSPAutomountServiceAccountTokenPod, Name:psp-automount-serviceaccount-token-pod, Namespace:
2023/12/11 17:55:46 Kind:K8sPSPAllowPrivilegeEscalationContainer, Name:allow-privilege-escalation-container, Namespace:
2023/12/11 17:55:46 Kind:K8sPSPHostFilesystem, Name:host-filesystem, Namespace:
2023/12/11 17:55:46 Kind:K8sPSPPrivilegedContainer, Name:privileged-containers, Namespace:
2023/12/11 17:55:55 Tick at 2023-12-11 17:55:55.264835838 +0000 UTC m=+4340.009384248
The text was updated successfully, but these errors were encountered: