Bug 2004273
Summary: | Wrong Ingress to Route conversion for wildcard hostnames | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | OpenShift BugZilla Robot <openshift-bugzilla-robot> |
Component: | Networking | Assignee: | Miheer Salunke <misalunk> |
Networking sub component: | router | QA Contact: | Melvin Joseph <mjoseph> |
Status: | CLOSED NOTABUG | Docs Contact: | |
Severity: | medium | ||
Priority: | medium | CC: | amcdermo, aos-bugs, dana.l.reale, hongli, max.maurer, mfojtik, misalunk, mmasters |
Version: | 4.6.z | ||
Target Milestone: | --- | ||
Target Release: | 4.8.z | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: |
Cause: Setting *. entry in spec.rules.host of ingress is not supported by Route.
Consequence: controller fails with Route.route.openshift.io "route-wildcard-2-zkcdj" is invalid: spec.host: Invalid value:
Fix: If user sets *. in the ingress object having the intention for ingress to route conversion then we set wildcard. instead if *. for the route host as route hostname does not suppport *.
Backport warning-
* A user has an ingress with a wildcard host name.
* The ingress is exposed using a third-party ingress controller.
* The user does *not* want the ingress exposed by OpenShift router (for example, maybe OpenShift router is exposed on the Internet, and the third-party ingress controller is internal only; or maybe having a status entry from OpenShift router on the ingress would confuse the third-party ingress controller, as in bug 1935808).
* The router is configured to allow wildcard routes (as described in comment 8).
* The user upgrades to a version of OpenShift with this backported fix.
In this sceneario, the ingress is now exposed by the router when the user only wants it exposed by the third-party ingress controller. This is an admittedly extremely contrived situation, but sometimes users do unexpected things or have different expectations, and exposing an ingress when the user doesn't expect it could be problematic.
Therefore we need to document this new behavior very explicitly in a release note to reduce the risk that users will be caught unawares.
Result: With this fix the ingress controller does not throw the error described in the Consequence.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2022-11-01 08:00:02 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1903519 | ||
Bug Blocks: | 2004274 |
Comment 1
Arvind iyengar
2021-09-28 07:22:00 UTC
Closing this as we don't support 4.8 so backport to it won't be accepted. |