Cluster-monitoring-operator fails to sync (cluster)rolebindings when roleRef has been changed

Solution In Progress - Updated -

Issue

  • If an admin updates manually one of the bindings managed by Cluster-monitoring-operator, the operator fails to reconcile the resource to the expected state.

  • By design, a binding's roleRef can't be changed after creation as per the documentation. To change the roleRef of an existing resource and get it as per the default configuration, it needs to be deleted and recreated.

Environment

  • OpenShift Container Platform
    • v3.11
    • v4.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content