Keycloak Operator creates ServiceMonitor to scrape port/endpoint that doesn't exist
Closed this issue · 1 comments
Area
operator
Describe the bug
Keycloak Operator creates a ServiceMonitor
that points to a port or endpoint that is not reachable and TargetDown
alerts are firing
Version
quay.io/keycloak/keycloak-operator:19.0.2-legacy
Expected behavior
ServiceMonitor
and Service
are rendered without inexisting ports
Actual behavior
Inexisting ports are rendered on Service
and ServiceMonitor
for the Operator
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
labels:
monitoring-key: middleware
name: keycloak-operator
name: keycloak-operator-metrics
namespace: keycloak
spec:
endpoints:
- bearerTokenSecret:
key: ""
port: http-metrics
- bearerTokenSecret:
key: ""
port: cr-metrics
namespaceSelector: {}
selector:
matchLabels:
monitoring-key: middleware
name: keycloak-operator
==>
apiVersion: v1
kind: Service
metadata:
labels:
monitoring-key: middleware
name: keycloak-operator
name: keycloak-operator-metrics
namespace: keycloak
spec:
ports:
- name: http-metrics
port: 8383
protocol: TCP
targetPort: 8383
- name: cr-metrics
port: 8686
protocol: TCP
targetPort: 8686
selector:
name: keycloak-operator
sessionAffinity: None
type: ClusterIP
create an interactive shell into an operator pod
$ curl localhost:8686
curl: (7) Failed to connect to localhost port 8686: Connection refused
How to Reproduce?
# Prometheus operator
helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
helm repo update
helm install -n keycloak -create-namespace prom prometheus-community/kube-prometheus-stack
# Keycloack Operator
git clone https://github.com/keycloak/keycloak-operator.git
git checkout 19.0.2
kubectl apply -k keycloak-operator/deploy
Anything else?
Reference:
keycloak-operator/cmd/manager/main.go
Line 52 in a18f7c2
Thanks (again) for reporting this issue. Keycloak 19 was the last version that included this legacy Operator, and with the release of Keycloak 20 the Operator reached EOL and this repository will be archived, please see our blog post on this topic. If this issue is still valid for the Realm Operator, please re-open it there. Thanks for your understanding. And be sure to check out our new Operator!