Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1427774

Summary: Router default cert is not being propagated to the F5
Product: OpenShift Container Platform Reporter: Alexander Koksharov <akokshar>
Component: NetworkingAssignee: Rajat Chopra <rchopra>
Status: CLOSED ERRATA QA Contact: Hongan Li <hongli>
Severity: high Docs Contact:
Priority: unspecified    
Version: 3.4.0CC: akokshar, aos-bugs, bbennett, bmeng, eparis, smunilla
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Cause: CLI help text was not clear about what worked on the F5 vs the haproxy routers Consequence: It was not obvious from the CLI what was supported on the F5 Fix: Update the CLI help text Result: More clear expectations
 Story Points: ---
Clone Of:
: 1428025 (view as bug list) Environment:
Last Closed: 2017-08-10 05:18:47 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1428025    

Description Alexander Koksharov 2017-03-01 07:49:18 UTC 
Description of problem:
were following "F5 native integration" and have noticed that router default certificate is not being propagated to the F5. We were using --default-certs option while deploying the f5-router but it did not change anything. We still getting some default certificate which is set on F5 and is for "localhost.local" domain. If we manually replace this cert on F5, we can access OCP services over secured routes.

Does f5-router pod configures default router certificate on F5? Are there prerequisites for this?

Version-Release number of selected component (if applicable):
3.4

How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Comment 5 Rajat Chopra 2017-04-07 23:04:26 UTC 
https://github.com/openshift/openshift-docs/pull/4090
Comment 7 Ben Bennett 2017-04-19 15:02:42 UTC 
Talked about this in standup and we are going to:
 - Clarify the command line args for F5 and haproxy in the docs (there's no current section)
 - In the CLI help we are going to add indications of which is for which router
Comment 8 Rajat Chopra 2017-04-19 18:51:38 UTC 
CLI PR: https://github.com/openshift/origin/pull/13820
Comment 10 Hongan Li 2017-05-31 03:03:28 UTC 
verified in atomic-openshift-3.6.86-1.git.0.3d5c716.el7.x86_64 and the cli help info has updated.
Comment 12 errata-xmlrpc 2017-08-10 05:18:47 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2017:1716