Bug 1569680 - openshift-ansible aws provisioning - No support for load balancer in front of masters. Ports must be the same
Summary: openshift-ansible aws provisioning - No support for load balancer in front of...
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Installer
Version: 3.9.0
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: 3.11.z
Assignee: Chris Callegari
QA Contact: Johnny Liu
: 1569627 (view as bug list)
Depends On:
TreeView+ depends on / blocked
Reported: 2018-04-19 19:18 UTC by Matt Woodson
Modified: 2018-09-18 15:43 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed: 2018-09-18 14:23:38 UTC
Target Upstream Version:

Attachments (Terms of Use)

Description Matt Woodson 2018-04-19 19:18:20 UTC
Description of problem:

I'm marking this as low priority, but wanted to document this bug.  I do have a workaround.

During my testing of openshift-ansible aws provisioning, I have noticed that there isn't support for having the API port be different than the load balancer port.

What I am attempting to do is this:

web browser -> ELB (port 443) -> Masters (port 8443)

When openshift-ansible gets to the "Verify API"


The variable "openshift.master.api_url" gets set to "elb-dns-name:8443"

This will not work, because the ELB is listening on port 443.

My inventory has these variables set:


This is correct, because I want the port on the instance to listen on 8443, and it gets setup correctly.  The problem happens when the API url is generated, it tries to talk to the ELB on the wrong port, where it isn't listening.

To work around this, I set everything to 443, so everything lines up:


Version-Release number of selected component (if applicable):

openshift-ansible 3.9

Comment 2 Chris Callegari 2018-08-15 20:02:04 UTC
This behavior is fixed.

openshift_master_api_port must be in extra_vars file or we default to the openshift_facts defaults key openshift_master_api_port=8443.  We end up with mismatched elb listener, forwarder, healthcheck, instances OutOfService while api is listening on inventory openshift_master_api_port=443

To manually specify listening and forwarding port on ELB as well as api ports please set the values in role/openshift_aws/default/main file or override them in extra_vars.

Comment 3 Chris Callegari 2018-08-16 21:03:30 UTC
Matt, can you provide a use case for this?

Comment 4 Scott Dodson 2018-08-23 18:23:13 UTC
*** Bug 1569627 has been marked as a duplicate of this bug. ***

Comment 5 Chris Callegari 2018-09-18 14:23:38 UTC
Per mwoodson the ask in this bz is no longer necessary.  load balancer listener, forwarder and api ports will always be equal.


Comment 6 Matt Woodson 2018-09-18 15:43:21 UTC
In my opinion, this is a bug, just not a high priority bug.

Note You need to log in before you can comment on or make changes to this bug.