Bug 1789462

Summary: Login to grafana fails on IPv6 environments
Product: OpenShift Container Platform Reporter: Yurii Prokulevych <yprokule>
Component: apiserver-authAssignee: Standa Laznicka <slaznick>
Status: CLOSED ERRATA QA Contact: scheng
Severity: high Docs Contact:
Priority: high    
Version: 4.3.zCC: aos-bugs, augol, danw, juzhao, mcornea, mfojtik, pkrupa, sasha, scheng, scuppett, sgordon, slaznick, sttts, surbania
Target Milestone: ---   
Target Release: 4.4.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Cause: improper handling of the kube-apiserver service-network address Consequence: unable to connect to kube-apiserver if it has an IPv6 address Fix: added detection for IPv6 address and its proper handling Result: the proxy can connect to the kube-apiserver if it serves on an IPv6 address
 Story Points: ---
Clone Of:
: 1798195 (view as bug list) Environment:
Last Closed: 2020-05-04 11:23:24 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1771572, 1798195    

Comment 3 Standa Laznicka 2020-01-28 14:31:35 UTC 
The oauth-proxy only tries to connect to wherever it hopes the kube-apiserver is on the service network, moving to SDN.
Comment 5 Standa Laznicka 2020-01-31 08:12:20 UTC 
Indeed, if url.URL structure contains IPv6 address in its Host field, a successive ".String()" call merely concatenates the fields. Fixed in the linked PR.
Comment 7 Junqi Zhao 2020-02-05 03:16:51 UTC 
prometheus, alertmanager, and grafana cannot be accessed via webUI either
Comment 8 Standa Laznicka 2020-02-10 15:11:48 UTC 
Please clarify if that means that the bugfix failed QA (in which case upload new logs)?
Comment 9 Dan Winship 2020-02-11 15:33:35 UTC 
can't currently be tested in 4.4. "Verifying" to unblock the backport
Comment 11 errata-xmlrpc 2020-05-04 11:23:24 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:0581