Bug 1884422

Summary: [3.11] passthrough route created using path
Product: OpenShift Container Platform Reporter: Miciah Dashiel Butler Masters <mmasters>
Component: NetworkingAssignee: Miciah Dashiel Butler Masters <mmasters>
Networking sub component: router QA Contact: Hongan Li <hongli>
Status: CLOSED ERRATA Docs Contact:
Severity: high    
Priority: high CC: adeshpan, aiyengar, amcdermo, aos-bugs, aprajapa, dmace, hongli, vjaypurk
Version: 3.11.0   
Target Milestone: ---   
Target Release: 3.11.z   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1691190 Environment:
Last Closed: 2021-08-25 15:16:51 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1691190, 1889868    
Bug Blocks:    

Description Miciah Dashiel Butler Masters 2020-10-01 22:38:47 UTC 
+++ This bug was initially created as a clone of Bug #1691190 +++

Description of problem:
Passthrough routes does not support path based routing. 
Why this route can be created?
It should throw an error.

But actual result is Route gets created and that is unusable.

Replicte
1st scenario:

Create a pass-through route with --path variable and it gets created without an error.

2nd Scenario:

Create a simple pass-through route.
Create one more pass-through route with same hostname as above and give a path to the route.
It also gets created.

Actual results:
it is processed same as other routes.

Expected results:
In  both cases, It should throw an error, While creating pass-through route it should not check for hostname+path combination, and should throw an error stating not supported.
Comment 1 Andrew McDermott 2020-10-02 15:58:00 UTC 
https://github.com/openshift/origin/pull/25578

Tagging with UpcomingSprint while investigation is either ongoing or
pending. Will be considered for earlier release versions when
diagnosed and resolved.
Comment 2 Miciah Dashiel Butler Masters 2020-10-26 05:23:23 UTC 
Fix is posted but blocked on CI issues.  We'll try to get this done in the upcoming sprint.
Comment 3 Miciah Dashiel Butler Masters 2020-11-14 00:43:58 UTC 
Fix is posted but still blocked on CI issues (although some of the earlier issues have been resolved).  We'll continue working on getting this through CI in the upcoming sprint.
Comment 4 Miciah Dashiel Butler Masters 2020-12-07 03:07:59 UTC 
Still investigating CI issues.  We'll try to get this through in the upcoming sprint.
Comment 5 Miciah Dashiel Butler Masters 2021-02-06 00:11:43 UTC 
Still blocked on CI issues.
Comment 6 Miciah Dashiel Butler Masters 2021-02-26 06:28:31 UTC 
Still blocked on CI issues (recent failures look like docker.io rate limiting).
Comment 7 Miciah Dashiel Butler Masters 2021-06-11 22:43:32 UTC 
Need to follow up with PM as to how we will handle this and other 3.11 BZs that have been languishing in CI.
Comment 11 Hongan Li 2021-08-19 09:42:47 UTC 
verified with v3.11.501 and passed

[root@ip-172-18-15-133 ~]# oc version
oc v3.11.501
kubernetes v1.11.0+d4cacc0
features: Basic-Auth GSSAPI Kerberos SPNEGO

Server https://ip-172-18-15-133.ec2.internal:8443
openshift v3.11.501
kubernetes v1.11.0+d4cacc0


create passthrough route firstly, then try to create http, edge and reencrypt route with same host and a path, only http can work, others are showed as "HostAlreadyClaimed".

[root@ip-172-18-15-133 ~]# oc get route
NAME               HOST/PORT                                     PATH      SERVICES           PORT      TERMINATION   WILDCARD
myedge             HostAlreadyClaimed                            /test/    service-unsecure   http      edge          None
mypath             example-hongli.apps.0819-fza.qe.rhcloud.com             service-secure     https     passthrough   None
myreen             HostAlreadyClaimed                            /test/    service-secure     https     reencrypt     None
service-unsecure   example-hongli.apps.0819-fza.qe.rhcloud.com   /test/    service-unsecure   http                    None

create edge route firstly, then create passthrough route with same host:
[root@ip-172-18-15-133 ~]# oc get route
NAME               HOST/PORT                                     PATH      SERVICES           PORT      TERMINATION   WILDCARD
edge2              www.example.com                               /test/    service-unsecure   http      edge          None
pass2              HostAlreadyClaimed                                      service-secure     https     passthrough   None

create reen route firstly, then create passthrough route with same host:
[root@ip-172-18-15-133 ~]# oc get route
NAME               HOST/PORT                                     PATH      SERVICES           PORT      TERMINATION   WILDCARD
pass3              HostAlreadyClaimed                                      service-secure     https     passthrough   None
reen3              my.test.com                                   /test/    service-secure     https     reencrypt     None
Comment 13 errata-xmlrpc 2021-08-25 15:16:51 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 3.11.z security and bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2021:3193