Bug 1971808
Summary: | New `local-with-fallback` service annotation does not preserve source IP | |||
---|---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Stephen Greene <sgreene> | |
Component: | Networking | Assignee: | Dan Winship <danw> | |
Networking sub component: | openshift-sdn | QA Contact: | zhaozhanqi <zzhao> | |
Status: | CLOSED ERRATA | Docs Contact: | ||
Severity: | high | |||
Priority: | high | CC: | bbennett, cholman, stbenjam, wking | |
Version: | 4.8 | |||
Target Milestone: | --- | |||
Target Release: | 4.9.0 | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | Doc Type: | No Doc Update | ||
Doc Text: | Story Points: | --- | ||
Clone Of: | ||||
: | 1972864 (view as bug list) | Environment: |
[sig-network][Feature:Router] The HAProxy router should set Forwarded headers appropriately
|
|
Last Closed: | 2021-10-18 17:34:12 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 1972864 |
Description
Stephen Greene
2021-06-14 19:40:35 UTC
Some CI runs hitting this issue, if it helps at all https://prow.ci.openshift.org/view/gs/origin-ci-test/pr-logs/pull/openshift_installer/4994/pull-ci-openshift-installer-master-e2e-azure/1404292225227034624 https://prow.ci.openshift.org/view/gs/origin-ci-test/pr-logs/pull/26226/pull-ci-openshift-origin-master-e2e-gcp/1404491270570643457 This is showing up quite a bit in CI. Sippy shows out of 356 runs, it happened 46 times. Verified this bug on 4.9.0-0.nightly-2021-06-22-005403 $ oc exec hello-2sbd6 -- curl router-http-echo-default.apps.ci-ln-ymcf7w2-002ac.ci.azure.devcluster.openshift.com % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 455 0 455 0 0 11167 0 --:--:-- --:--:-- --:--:-- 13382 GET / HTTP/1.1 user-agent: curl/7.52.1 accept: */* host: router-http-echo-default.apps.ci-ln-ymcf7w2-002ac.ci.azure.devcluster.openshift.com x-forwarded-host: router-http-echo-default.apps.ci-ln-ymcf7w2-002ac.ci.azure.devcluster.openshift.com x-forwarded-port: 80 x-forwarded-proto: http forwarded: for=10.131.0.20;host=router-http-echo-default.apps.ci-ln-ymcf7w2-002ac.ci.azure.devcluster.openshift.com;proto=http x-forwarded-for: 10.131.0.20 [zzhao@dhcp-0-105 ~]$ oc exec hello-2sbd6 -- ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 3: eth0@if25: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1450 qdisc noqueue state UP link/ether 0a:58:0a:83:00:14 brd ff:ff:ff:ff:ff:ff inet 10.131.0.20/23 brd 10.131.1.255 scope global eth0 valid_lft forever preferred_lft forever inet6 fe80::2c66:aff:fe21:c7a/64 scope link valid_lft forever preferred_lft forever Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.9.0 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:3759 |