Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 1040257 - cannot add an alias that shares the same root of the existing domain
cannot add an alias that shares the same root of the existing domain
Status: CLOSED ERRATA
Product: OpenShift Container Platform
Classification: Red Hat
Component: Pod (Show other bugs)
2.0.0
x86_64 Linux
high Severity high
: ---
: ---
Assigned To: Luke Meyer
libra bugs
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-12-10 22:27 EST by Mike Barrett
Modified: 2017-03-08 12 EST (History)
6 users (show)

See Also:
Fixed In Version: rubygem-openshift-origin-controller-1.17.12.1-1 openshift-origin-broker-1.15.3.1-1
Doc Type: Enhancement
Doc Text:
By default, users were restricted from creating custom domain name aliases in the cloud domain of their applications to prevent confusion or possible name collisions. This enhancement adds a new ALLOW_ALIAS_IN_DOMAIN setting in the /etc/openshift/broker.conf file on the broker host that allows users to create aliases within the cloud domain. However, the alias must not be in the form <name>-<name>.<cloud-domain>. Aliases taking this standard form of application names are rejected to prevent conflicts. See the OpenShift Enterprise Administration Guide for more information.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-02-25 10:41:34 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2014:0209 normal SHIPPED_LIVE Red Hat OpenShift Enterprise 2.0.3 bugfix and enhancement update 2014-02-25 15:40:32 EST

  None (edit)
Description Mike Barrett 2013-12-10 22:27:53 EST 
Description of problem:
-----------------------
OpenShift does not allow someone to alias a nested domain (shared root or parent domain). By that I mean aliasing for example myapp-sales.oapps.corp.com to mysales.oapps.corp.com 

Version:
--------
OpenShift Enterprise 2.0

How reproducible:
-----------------
$rhc apps
myapp @ http://myapp-sales.oapps.corp.com/ (uid: blah)
...
...
removed
...
...
$ rhc alias add myapp mysales.oapps.corp.com
The specified alias is not allowed: 'mysales.oapps.corp.com'
$


Actual results:
---------------
The error: 
The specified alias is not allowed: 'mysales.oapps.corp.com'

Expected results:
------------------
Would like to add the alias mysales.oapps.corp.com to myapp-sales.oapps.corp.com
Comment 3 Luke Meyer 2013-12-12 13:24:36 EST 
Mind you, I haven't actually looked at the code yet, but my guess would be this is a pretty simple fix. My thought was to introduce this as a configurable option, defaulting to the existing behavior (disallow subdomain aliases). Any opposing view - make it non-configurable or default to allow?
Comment 4 Luke Meyer 2013-12-26 15:45:13 EST 
Proposed fix is at https://github.com/openshift/origin-server/pull/4401

Need someone to review the approach; not sure if I should do something to keep the user from possibly creating an alias that conflicts with another app's name; e.g. someone else with app "bogus-app.oapps.corp.com" could create an alias for it called "myapp-sales.oapps.corp.com" and if they happened to land on the same node host, I'm not sure which would win in the front end web proxy. I'm not sure if customers would care or not. Anyway the fix is there.
Comment 7 Peter Ruan 2014-01-31 15:22:27 EST 
verified with puddlge-2014-01-30
mynodejsapp1 @ http://mynodejsapp1-demo.ose203.example.com/ (uuid: 52eb49663eefa979ea000001)

rhc alias add mynodejsapp1 test.ose203.example.com
Alias 'test.ose203.example.com' has been added.
Comment 9 errata-xmlrpc 2014-02-25 10:41:34 EST 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2014-0209.html
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.