Bug 1749277

Summary: [osp15][Octavia]- Lb with http listener and https pool - pool goes into error state.
Product: Red Hat OpenStack Reporter: Alexander Stafeyev <astafeye>
Component: openstack-octaviaAssignee: Assaf Muller <amuller>
Status: CLOSED DUPLICATE QA Contact: Bruna Bonguardo <bbonguar>
Severity: high Docs Contact:
Priority: unspecified    
Version: 15.0 (Stein)CC: bhaley, cgoncalves, ihrachys, lpeer, majopela, scohen
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-09-19 16:25:53 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Alexander Stafeyev 2019-09-05 09:51:49 UTC 
Description of problem:
Creating a HTTPS pool with assignment to HTTP listener ends up with the pool in error state and the following error octavia worker log: 
http://paste.openstack.org/show/771268/

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1. Create LB , Create HTTP listener
2. Create HTTPS pool. See pool status and worker log. 
3.

Actual results:
(tester) [stack@undercloud-0 ~]$  openstack loadbalancer pool list 
+--------------------------------------+------+----------------------------------+---------------------+----------+--------------+----------------+
| id                                   | name | project_id                       | provisioning_status | protocol | lb_algorithm | admin_state_up |
+--------------------------------------+------+----------------------------------+---------------------+----------+--------------+----------------+
| 17d7f394-01e8-48cb-ac90-ea2217cad544 |      | 85cdc4a3fc924852aa7c3d69efdb4ebb | ERROR               | HTTPS    | ROUND_ROBIN  | True           |
+--------------------------------------+------+----------------------------------+---------------------+----------+--------------+----------------+
(tester) [stack@undercloud-0 ~]$  openstack loadbalancer pool show 17d7f394-01e8-48cb-ac90-ea2217cad544
+----------------------+--------------------------------------+
| Field                | Value                                |
+----------------------+--------------------------------------+
| admin_state_up       | True                                 |
| created_at           | 2019-09-05T09:42:09                  |
| description          |                                      |
| healthmonitor_id     |                                      |
| id                   | 17d7f394-01e8-48cb-ac90-ea2217cad544 |
| lb_algorithm         | ROUND_ROBIN                          |
| listeners            | ceecab22-1966-4c15-828c-09d8d6eced39 |
| loadbalancers        | 3a3a3df8-79da-45fe-8701-76ab0d03170c |
| members              |                                      |
| name                 |                                      |
| operating_status     | OFFLINE                              |
| project_id           | 85cdc4a3fc924852aa7c3d69efdb4ebb     |
| protocol             | HTTPS                                |
| provisioning_status  | ERROR                                |
| session_persistence  | None                                 |
| updated_at           | 2019-09-05T09:42:09                  |
| tls_container_ref    | None                                 |
| ca_tls_container_ref | None                                 |
| crl_container_ref    | None                                 |
| tls_enabled          | False                                |
+----------------------+--------------------------------------+
(tester) [stack@undercloud-0 ~]$ 


Expected results:
The pool should be created ok and traffic from pool to members should be https. 

Additional info:
Comment 1 Alexander Stafeyev 2019-09-05 10:31:30 UTC 
HTTPS back end traffic ( as in this scenario) is a valid and common configuration in LB world. 

If Octavia does not support it without "terminated http"  we should mention that limitation. 

Additional to that we should block that option with proper message and pool should not be created .
Comment 2 Carlos Goncalves 2019-09-19 16:25:53 UTC 

*** This bug has been marked as a duplicate of bug 1668369 ***