Extraneous Secrets generated by ACM Observability

Solution Verified - Updated -

Issue

  • Many non-required Secrets may be generated within the open-cluster-management-observability namespace for the ServiceAccount endpoint-observability-operator-sa, which may put undue pressure on etcd:

    $ oc get secrets -n open-cluster-management-observability
[..]
endpoint-observability-operator-sa-dockercfg-zhc9g                   kubernetes.io/dockercfg               1      23h
endpoint-observability-operator-sa-dockercfg-zk7jc                   kubernetes.io/dockercfg               1      33h
endpoint-observability-operator-sa-dockercfg-zmqg9                   kubernetes.io/dockercfg               1      35h
endpoint-observability-operator-sa-dockercfg-zqbct                   kubernetes.io/dockercfg               1      16h
[..]
endpoint-observability-operator-sa-token-24nrg                   kubernetes.io/service-account-token   4      14h
endpoint-observability-operator-sa-token-25h8k                   kubernetes.io/service-account-token   4      10h
endpoint-observability-operator-sa-token-27r8b                   kubernetes.io/service-account-token   4      23h

  • The multicluster-observability-operator is being OOMKilled

Environment

  • Red Hat OpenShift Container Platform 4.x
  • Red Hat Advanced Cluster Management Observability 2.10.0
  • Red Hat Advanced Cluster Management Observability 2.10.1

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content