Bug 1824163

Summary: [oauth-server] Router and default exposed frontends (oauth and console) should gracefully terminate
Product: OpenShift Container Platform Reporter: Standa Laznicka <slaznick>
Component: apiserver-authAssignee: Stefan Schimanski <sttts>
Status: CLOSED ERRATA QA Contact: scheng
Severity: high Docs Contact:
Priority: high    
Version: 4.4CC: aos-bugs, ccoleman, dmace, hongli, mfojtik, pstrick, wking
Target Milestone: ---   
Target Release: 4.5.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of: 1809665
: 1824166 (view as bug list) Environment:
Last Closed: 2020-07-13 17:27:56 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1824166    

Description Standa Laznicka 2020-04-15 13:15:26 UTC 
+++ This bug was initially created as a clone of Bug #1809665 +++

The router, console, and oauth endpoints should all gracefully terminate when their pods are marked deleted without dropping traffic.

Console and oauth can have simple "wait before shutdown" logic because they do not execute long running transactions.  The router needs to wait longer (it is a service load balancer) and then instruct HAProxy to gracefully terminate, then wait up to a limit, and then shut down.

In combination these fixes will ensure end users see no disruption of the control plane or web console, or their frontend web applications, during upgrade.
Comment 1 Standa Laznicka 2020-04-15 13:16:28 UTC 
as observed in https://testgrid.k8s.io/redhat-openshift-ocp-release-4.5-informing#release-openshift-origin-installer-e2e-aws-upgrade-rollback-4.5&sort-by-flakiness=, this was fixed by the patch merged on 2020-03-03, thus marking verified

https://github.com/openshift/cluster-authentication-operator/pull/252
Comment 3 errata-xmlrpc 2020-07-13 17:27:56 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:2409