Bug 1657094

Summary: cannot access exposed URL: "Service Unavailable" for registry-webconsole
Product: OpenShift Container Platform Reporter: Rutvik <rkshirsa>
Component: Registry ConsoleAssignee: Martin Pitt <mpitt>
Status: CLOSED INSUFFICIENT_DATA QA Contact: Yanping Zhang <yanpzhan>
Severity: high Docs Contact:
Priority: high    
Version: 3.11.0CC: aos-bugs, bparees, mpitt, pvarma, rkshirsa, sponnaga
Target Milestone: ---   
Target Release: 3.11.z   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-05-13 17:57:23 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Rutvik 2018-12-07 04:51:29 UTC 
Description of problem:

The registry-console is exposed but not accessible via a route as well service.

The route is exposed as a passthrough and I could match that with oauth client URI as well.

Other application routes are working fine in the same cluster, the registry-console pod is also up and running.

As there is ELB present infront of OCP cluster hence just to eliminate traffic routing from ELB, we tried to add the route entry in "/etc/hosts" but no luck.

Pod logs:
>>
oc logs registry-console-1-c45vj 
INFO: cockpit-ws: Using certificate: /etc/cockpit/ws-certs.d/0-self-signed.cert
>> 

The cluster is configured with the OVS-multitenant plugin and default project has "0" netnamespace id.

$ sudo oc version
oc v3.11.16
kubernetes v1.11.0+d4cacc0
features: Basic-Auth GSSAPI Kerberos SPNEGO

Server https://master.abc.xyz.com:443
openshift v3.11.16
kubernetes v1.11.0+d4cacc0
Comment 3 Martin Pitt 2018-12-14 15:54:15 UTC 
I suppose "ELB" means something like a load balancer, or a proxy? Other people reported that a service providing the registry-console does work with a TLS passthrough route, just not with reencrypt (see bug 1599227 - however, I don't fully understand the details of that either).

Does it work without the ELB, with directly accessing the route?

I'm afraid this report does not contain any useful information to try and reproduce the problem. Please test without ELB or describe how to set that up. Reproducing also requires a YAML description of the involved service and route. Something like

  oc get pods -o yaml registry-console-1-c45vj 

and the same for the route. I. e. the precise steps to replicate this on a completely  blank OCP cluster.

Thanks!
Comment 5 Martin Pitt 2020-05-13 17:57:23 UTC 
No answer in two years and not relevant any more, closing. Thanks!
Comment 6 Red Hat Bugzilla 2023-09-15 00:14:30 UTC 
The needinfo request[s] on this closed bug have been removed as they have been unresolved for 500 days