scylla-operator icon indicating copy to clipboard operation
scylla-operator copied to clipboard

Published 20 hours ago verified publisher icon scylladb

`must-gather` doesn't anonymize many things when running Scylla in GCP

Open gdubicki opened this issue 7 months ago • 6 comments

What happened?

I did a run of must-gather as documented at https://operator.docs.scylladb.com/stable/support/must-gather.html.

After grepping for some names I noticed that the data collected didn't anonymize some things:

  • GCS bucket names used for backups,
  • GCP project names,
  • GCR image names,

What did you expect to happen?

I was expecting these names to be anonymized. Instead I had to do a bunch of recursive find and replace (grep -rl old . | xargs sed -i "" -e 's/old/new/g') myself...

At the minimum, the warning in the docs about checking the gathered data should be emphasized and turn into a required step.

How can we reproduce it (as minimally and precisely as possible)?

  1. Deploy Scylla in GCP
  2. Configure backups in GCS
  3. Run some other workloads in the same cluster with images from GCR
  4. Run must-gather
  5. grep for the aforementioned names in the result directory

Scylla Operator version

1.13.0

Kubernetes platform name and version

$ kubectl version
Client Version: v1.29.6
Kustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3
Server Version: v1.29.5-gke.1192000

Please attach the must-gather archive.

I can't attach the non-anonymized archive because that's the point here. The additionally manually anonymized version is in https://github.com/scylladb/scylla-operator/issues/2016.

Anything else we need to know?

No response

gdubicki avatar Jul 12 '24 15:07 gdubicki