Description of problem: The default HAProxy "503" response lack response headers, and is thus an invalid HTTP response. Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: curl -v 127.0.0.1:80 on an openshift master with a router Actual results: * About to connect() to 127.0.0.1 port 80 (#0) * Trying 127.0.0.1... * Connected to 127.0.0.1 (127.0.0.1) port 80 (#0) > GET / HTTP/1.1 > User-Agent: curl/7.29.0 > Host: 127.0.0.1 > Accept: */* > <html><body><h1>503 Service Unavailable</h1> No server available to handle the request. </body></html> * Connection #0 to host 127.0.0.1 left intact Expected results: I'd expect something like the following lines to also appear: HTTP/1.0 503 Service Unavailable Cache-Control: no-cache Connection: close Content-Type: text/html Additional info: I guess the HAProxy expect that response headers are part of the custom HTTP 503 page... https://github.com/openshift/ose/blob/master/images/router/haproxy/conf/error-page-503.html
Just for the record, same command on OSE 3.0.2 gives following answer: * About to connect() to 127.0.0.1 port 80 (#0) * Trying 127.0.0.1... * Connected to 127.0.0.1 (127.0.0.1) port 80 (#0) > GET / HTTP/1.1 > User-Agent: curl/7.29.0 > Host: 127.0.0.1 > Accept: */* > * HTTP 1.0, assume close after body < HTTP/1.0 503 Service Unavailable < Cache-Control: no-cache < Connection: close < Content-Type: text/html < <html><body><h1>503 Service Unavailable</h1> No server is available to handle this request. </body></html> * Closing connection 0
See also https://cbonte.github.io/haproxy-dconv/configuration-1.5.html#4-errorfile "<file> designates a file containing the full HTTP response. It is recommended to follow the common practice of appending ".http" to the filename so that people do not confuse the response with HTML error pages"
Fixed via PR: https://github.com/openshift/origin/pull/6204
Rebuild haporxy image on the latest origin repo # docker images |grep openshift/origin-haproxy-router openshift/origin-haproxy-router latest 2229e31bc36e 31 minutes ago 366.1 MB 1. create router whith above image 2. Check the result: curl -v 127.0.0.1:80 * Rebuilt URL to: 127.0.0.1:80/ * Hostname was NOT found in DNS cache * Trying 127.0.0.1... * Connected to 127.0.0.1 (127.0.0.1) port 80 (#0) > GET / HTTP/1.1 > User-Agent: curl/7.37.0 > Host: 127.0.0.1 > Accept: */* > * HTTP 1.0, assume close after body < HTTP/1.0 503 Service Unavailable < Pragma: no-cache < Cache-Control: private, max-age=0, no-cache, no-store < Connection: close < Content-Type: text/html < <html> <body> <h1>503 Service Unavailable</h1> No server available to handle the request. </body> </html> this bug has been fixed on origin, will verified this bug once it's merged to ose. thanks
verified this bug with router image on ose registry.access.redhat.com/openshift3/ose-haproxy-router v3.1.0.4 81c50204da05 4 weeks ago 410.2 MB # curl -v 127.0.0.1:80 * About to connect() to 127.0.0.1 port 80 (#0) * Trying 127.0.0.1... * Connected to 127.0.0.1 (127.0.0.1) port 80 (#0) > GET / HTTP/1.1 > User-Agent: curl/7.29.0 > Host: 127.0.0.1 > Accept: */* > * HTTP 1.0, assume close after body < HTTP/1.0 503 Service Unavailable < Cache-Control: no-cache < Connection: close < Content-Type: text/html < <html><body><h1>503 Service Unavailable</h1> No server is available to handle this request. </body></html>
Reback this bug to ON_QA, Above maybe using a wrong env. I re test this on a new ose env, found it has not merged the PR (https://github.com/openshift/origin/pull/6204).
hi, Ram Could you help check the this? Found the PR https://github.com/openshift/origin/pull/6204 has not been merged to the latest router image on OSE env # docker images |grep router registry.access.redhat.com/openshift3/ose-haproxy-router v3.1.0.4 6a3fe65c07f1 3 days ago 410.5 MB # oc rsh router-1-75zbr [root@openshift-113 conf]# ll total 68 -rwxrwxrwx. 1 root root 2042 Dec 11 13:19 default_pub_keys.pem -rwxrwxrwx. 1 root root 103 Dec 11 13:48 error-page-503.html -rwxrwxrwx. 1 root root 16766 Dec 11 13:48 haproxy-config.template -rwxrwxrwx. 1 root root 9579 Dec 15 01:21 haproxy.config -rwxrwxrwx. 1 root root 52 Dec 15 01:21 os_edge_http_be.map -rw-r--r--. 1 root root 18 Dec 15 01:21 os_edge_http_expose.map -rw-r--r--. 1 root root 18 Dec 15 01:21 os_edge_http_redirect.map -rwxrwxrwx. 1 root root 18 Dec 15 01:21 os_http_be.map -rwxrwxrwx. 1 root root 18 Dec 15 01:21 os_reencrypt.map -rwxrwxrwx. 1 root root 18 Dec 15 01:21 os_sni_passthrough.map -rwxrwxrwx. 1 root root 18 Dec 15 01:21 os_tcp_be.map
Am not sure how the OSE build picks up changes -- CCing Troy. Troy, can you please help. Thanks in advance.
Thanks for your details reference. it makes things clear.
verified this bug with haproxy router image: rcm-img-docker01.build.eng.bos.redhat.com:5001/openshift3/ose-haproxy-router v3.1.1.0 fac972949d0e 2 days ago 412.7 MB $ curl -v 127.0.0.1:80 * About to connect() to 127.0.0.1 port 80 (#0) * Trying 127.0.0.1... * Connected to 127.0.0.1 (127.0.0.1) port 80 (#0) > GET / HTTP/1.1 > User-Agent: curl/7.29.0 > Host: 127.0.0.1 > Accept: */* > * HTTP 1.0, assume close after body < HTTP/1.0 503 Service Unavailable < Pragma: no-cache < Cache-Control: private, max-age=0, no-cache, no-store < Connection: close < Content-Type: text/html < <html> <body> <h1>503 Service Unavailable</h1> No server available to handle the request. </body> </html>
*** Bug 1296008 has been marked as a duplicate of this bug. ***
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2016:0070