Bug 1772125

Summary: Conformance "should set Forwarded headers appropriately" router test is disabled on platforms except for Azure, AWS and GCP
Product: OpenShift Container Platform Reporter: Andrew McDermott <amcdermo>
Component: NetworkingAssignee: Dan Mace <dmace>
Networking sub component: router QA Contact: Hongan Li <hongli>
Status: CLOSED NOTABUG Docs Contact:
Severity: low    
Priority: low CC: aos-bugs, m.andre
Version: unspecified   
Target Milestone: ---   
Target Release: 4.4.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-02-21 14:53:03 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Andrew McDermott 2019-11-13 17:41:00 UTC 
This is the same as https://bugzilla.redhat.com/show_bug.cgi?id=1752646.

In BZ #1752646 we fixed the test but it is only known to work on Azure, AWS and GCP (looking at current CI results). This bug is to capture the fact that platforms outside those three are not currently being tested.
Comment 1 Andrew McDermott 2019-11-13 17:48:04 UTC 
This is the PR that disabled the test for platforms NOT in AWS, Azure and GCP:

  https://github.com/openshift/origin/pull/24145
Comment 2 Martin André 2019-11-14 17:28:26 UTC 
I had a look at the OpenStack platform today. In the example I looked, the test fails with `Unexpected header: '10.0.0.16' (expected 10.129.2.104)` where 10.0.0.16 is the IP address of the worker node on the machine subnet.
We could look for the presence of `X-Forwarded-For` header as we're doing for AWS platform in https://github.com/openshift/origin/pull/24093/ and that should be OK. I don't think it's worth trying to be more specific and validate the IP address.
Comment 3 Dan Mace 2020-02-21 14:53:03 UTC 
I'm going to go ahead and close this. We only manage a load balancer on AWS/Azure/GCP. For those platforms, we must support source IP preservation, and we are testing that. For other topologies, the user is responsible for the load balancer, so there's nothing for us to test in CI.