Bug 1561752 - Wildcard routes take precedence over other routes that start with a number
Summary: Wildcard routes take precedence over other routes that start with a number
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Networking
Version: 3.6.0
Hardware: Unspecified
OS: Unspecified
unspecified
high
Target Milestone: ---
: 3.10.0
Assignee: Ram Ranganathan
QA Contact: Meng Bo
URL:
Whiteboard:
Depends On:
Blocks: 1570143
TreeView+ depends on / blocked
 
Reported: 2018-03-28 19:58 UTC by Eric Rich
Modified: 2018-10-29 09:05 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
: 1570143 (view as bug list)
Environment:
Last Closed: 2018-07-30 19:11:31 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift origin issues 16724 0 None None None 2018-03-28 19:59:29 UTC
Origin (Github) 19219 0 None None None 2018-04-16 19:33:55 UTC
Red Hat Product Errata RHBA-2018:1816 0 None None None 2018-07-30 19:12:11 UTC

Description Eric Rich 2018-03-28 19:58:14 UTC
Description of problem: when we enable this optional wildcard route: It takes precedence over other routes, rendering them unreachable, but we have noticed that it only overrides routes starting with a number.


Version-Release number of selected component (if applicable): kubernetes v1.6.1+5115d708d7

How reproducible: 100%


Steps to Reproduce:
1. https://gist.github.com/jmprusi/929ab4ffdf6dcda14dde704184421e80

curl service1.127.0.0.1.nip.io -> hits service1
curl random.127.0.0.1.nip.io -> hits route-wildcard, this is expected.
curl service2.127.0.0.1.nip.io -> hits service2
curl 3service127.0.0.1.nip.io -> hits route-wildcard, this is NOT expected


Additional info:

Comment 1 Eric Rich 2018-03-28 19:59:29 UTC
A PR to fix this issue seems to be proposed: https://github.com/openshift/origin/pull/19076

Comment 2 Ram Ranganathan 2018-04-09 19:26:09 UTC
Based on Clayton's review comments on the previous PR, 
created a new PR:  https://github.com/openshift/origin/pull/19219

Comment 3 Ram Ranganathan 2018-04-12 18:11:42 UTC
Setting to modified (is that the right workflow, @ben/@mengbo?) as the PR got merged.

Comment 4 Ram Ranganathan 2018-04-24 19:32:33 UTC
Version 2 PR: https://github.com/openshift/origin/pull/19492

Comment 6 zhaozhanqi 2018-05-17 05:24:05 UTC
Verified this bug on v3.10.0-0.47.0

steps:

1. enable the wildcard for router
  oc env dc router ROUTER_ALLOW_WILDCARD_ROUTES=true

2. Create one app with wildcard route
  $oc create -f https://raw.githubusercontent.com/openshift-qe/v3-testfiles/master/routing/wildcard_route/caddy-docker.json
 $oc create -f https://raw.githubusercontent.com/openshift-qe/v3-testfiles/master/routing/wildcard_route/route_edge.json
 $oc create -f https://raw.githubusercontent.com/openshift-qe/v3-testfiles/master/routing/wildcard_route/route_unsecure_test.example.com.json

3. Create another app with route with number prefix
  oc create -f https://raw.githubusercontent.com/openshift-qe/v3-testfiles/master/routing/header-test/dc.json
oc create -f https://raw.githubusercontent.com/openshift-qe/v3-testfiles/master/routing/header-test/insecure-service.json
 oc expose svc header-test-insecure --hostname=32zhao.test.example.com --name=zhao

4. Check the route 32zhao.test.example.com
  
 curl --resolve 32zhao.test.example.com:80:172.30.70.163 http://32zhao.test.example.com
<pre>
  user-agent: curl/7.29.0
  accept: */*
  host: 32zhao.test.example.com
  x-forwarded-host: 32zhao.test.example.com
  x-forwarded-port: 80
  x-forwarded-proto: http
  forwarded: for=172.18.10.50;host=32zhao.test.example.com;proto=http
  x-forwarded-for: 172.18.10.50
</pre>


5. Check the wildcard route 
# curl --resolve zhao.test.example.com:80:172.30.70.163 http://zhao.test.example.com
Hello-OpenShift-1 http-8080

Comment 8 errata-xmlrpc 2018-07-30 19:11:31 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:1816


Note You need to log in before you can comment on or make changes to this bug.