Description of problem: When running the 'oc exec' command over an http proxy, the following error is noticed: error: error sending request: Post https://<openshift_master>:8443/api/v1/namespaces/5twyu/pods/frontend-1-m68w4/exec?command=env&container=ruby-helloworld&container=ruby-helloworld&stderr=true&stdout=true: tls: oversized record received with length 20527 Version-Release number of selected component (if applicable): oc v1.1.0.1 kubernetes v1.1.0-origin-1107-g4c8e6f4 How reproducible: Always Steps to Reproduce: 1. Create a project 2. Create a pod 3. Run 'oc exec' on the pod while over an http proxy: oc exec frontend-1-m68w4 --config=ose_test1.kubeconfig -n 5twyu -- env Actual results: error: error sending request: Post https://<openshift_master>:8443/api/v1/namespaces/5twyu/pods/frontend-1-m68w4/exec?command=env&container=ruby-helloworld&container=ruby-helloworld&stderr=true&stdout=true: tls: oversized record received with length 20527 Expected results: The command should run successfully without error Additional info:
Looks like it's a docker issue? https://github.com/docker/docker/issues/14793
No, not a docker issue. When proxying a https backend through a http proxy, what is the expected TLS behavior?
@Jordan, HTTPS over HTTP proxy usually means making a CONNECT call to the remote host and then keep doing business as usual. It's not like HTTP proxying where client asks proxy for resource and proxy retrieves on its behalf. The strange thing is that `oc whatever` works but not `oc exec`. Is not `oc exec` using same API access like any other `oc` call? Or is it hitting other hosts/ports?
Fixed in https://github.com/openshift/origin/pull/7362
Verified this bug using oc v3.1.1.905. Result: $ oc exec ruby-hello-world-1-rsglj -- env PATH=/opt/app-root/src/bin:/opt/app-root/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin HOSTNAME=ruby-hello-world-1-rsglj RUBY_HELLO_WORLD_PORT=tcp://172.31.154.85:8080 KUBERNETES_SERVICE_PORT=443 KUBERNETES_SERVICE_PORT_HTTPS=443 KUBERNETES_SERVICE_PORT_DNS_TCP=53 KUBERNETES_PORT_443_TCP_PROTO=tcp KUBERNETES_PORT_53_TCP_PORT=53 RUBY_HELLO_WORLD_SERVICE_HOST=172.31.154.85 RUBY_HELLO_WORLD_PORT_8080_TCP_PORT=8080 RUBY_HELLO_WORLD_PORT_8080_TCP_ADDR=172.31.154.85 KUBERNETES_PORT=tcp://172.31.0.1:443 KUBERNETES_PORT_443_TCP=tcp://172.31.0.1:443 KUBERNETES_PORT_443_TCP_PORT=443 KUBERNETES_PORT_53_UDP_PROTO=udp KUBERNETES_PORT_53_UDP_ADDR=172.31.0.1 KUBERNETES_PORT_53_TCP_PROTO=tcp RUBY_HELLO_WORLD_SERVICE_PORT=8080 RUBY_HELLO_WORLD_SERVICE_PORT_8080_TCP=8080 RUBY_HELLO_WORLD_PORT_8080_TCP_PROTO=tcp KUBERNETES_SERVICE_PORT_DNS=53 KUBERNETES_PORT_443_TCP_ADDR=172.31.0.1 KUBERNETES_PORT_53_UDP_PORT=53 RUBY_HELLO_WORLD_PORT_8080_TCP=tcp://172.31.154.85:8080 KUBERNETES_SERVICE_HOST=172.31.0.1 KUBERNETES_PORT_53_UDP=udp://172.31.0.1:53 KUBERNETES_PORT_53_TCP=tcp://172.31.0.1:53 KUBERNETES_PORT_53_TCP_ADDR=172.31.0.1 RACK_ENV=production OPENSHIFT_BUILD_NAME=ruby-hello-world-1 OPENSHIFT_BUILD_NAMESPACE=wsunose OPENSHIFT_BUILD_SOURCE=https://github.com/openshift/ruby-hello-world.git STI_SCRIPTS_URL=image:///usr/libexec/s2i STI_SCRIPTS_PATH=/usr/libexec/s2i HOME=/opt/app-root/src BASH_ENV=/opt/app-root/etc/scl_enable ENV=/opt/app-root/etc/scl_enable PROMPT_COMMAND=. /opt/app-root/etc/scl_enable RUBY_VERSION=2.2
Also confirmed with the provided origin builds, thank you!