Bug 1651532 - [Next_gen_installer] Got redirect loop when access web console
Summary: [Next_gen_installer] Got redirect loop when access web console
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: apiserver-auth
Version: 4.1.0
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: ---
: ---
Assignee: Erica von Buelow
QA Contact: Wei Sun
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-11-20 09:50 UTC by weiwei jiang
Modified: 2020-05-15 05:44 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2020-05-15 05:44:07 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
40 console redirect loop (216.14 KB, image/png)
2018-11-20 09:50 UTC, weiwei jiang 		no flags Details
redirect_loop_aws_40_console (202.77 KB, image/png)
2018-11-22 11:01 UTC, weiwei jiang 		no flags Details
View All

Description weiwei jiang 2018-11-20 09:50:11 UTC 
Created attachment 1507388 [details]
40 console redirect loop

Description of problem:
Try to access the web console after all launched, but got redirect loop.

Version-Release number of the following components:
oc v4.0.0-0.43.0
kubernetes v1.11.0+d4cacc0
features: Basic-Auth GSSAPI Kerberos SPNEGO

Server https://ocp-api.tt.testing:6443
kubernetes v1.11.0+d4cacc0


$ bin/openshift-install version
bin/openshift-install v0.3.0-250-g30bb25ac57d7c7d3dae519186cbfca9af8aeaca2
Terraform v0.11.8

Your version of Terraform is out of date! The latest version
is 0.11.10. You can update by downloading from www.terraform.io/downloads.html


How reproducible:
Always

Steps to Reproduce:
1. Setup 40 cluster with libvirt provider with openshift-install
2. After all things launched, make router pod in openshift-ingress expose 80 & 443 port for routes
3. make dns entry in /etc/hosts for console route
oc get routes -n openshift-console
echo "worker_ip console-openshift-console.router.default.svc.cluster.local" >> /etc/hosts
4. try to access web console


Actual results:
4. got redirect loop
console logs: 
Navigated to https://console-openshift-console.router.default.svc.cluster.local/auth/login
Error logging out TypeError: "NetworkError when attempting to fetch resource." main-chunk-0432bfc802ed74d1be3a.min.js:1:19214

Expected results:
4. web console should work well

Additional info:
Comment 1 weiwei jiang 2018-11-22 11:00:12 UTC 
This can also be reproduced on Aws provider, so remove the libvirt in title.
Comment 2 weiwei jiang 2018-11-22 11:01:25 UTC 
Created attachment 1507913 [details]
redirect_loop_aws_40_console
Comment 3 W. Trevor King 2018-11-26 06:23:50 UTC 
It's probably not worth trying to test the console until [1] gets closed.

[1]: https://github.com/openshift/installer/issues/411
Comment 4 Yadan Pei 2018-11-26 07:13:03 UTC 
Ben,

Now console testing on both AWS and Libvirt is blocked by this bug, is there any other workaround?
Comment 5 bpeterse 2018-11-26 15:50:28 UTC 
The old console is going away, it wont exist in 4.0 installs.

The new console can be tested, pending this next PR:
https://github.com/openshift/console-operator/pull/70
Comment 6 weiwei jiang 2018-11-27 02:27:52 UTC 
Should be blocked with https://bugzilla.redhat.com/show_bug.cgi?id=1653228
Comment 7 Alex Crawford 2018-11-28 22:19:45 UTC 
This is not an installer issue. This will be fixed by the ingress operator, which is maintained by the network edge team.
Comment 8 Dan Mace 2018-12-04 15:33:58 UTC 
I feel this bug belongs to Auth because it appears the console's Route now has the correct host name and that name seems to properly resolve through external DNS.
Comment 9 Erica von Buelow 2018-12-06 22:38:01 UTC 
Can you confirm that this is no longer an issue? I'd like to close this out as the original issue reported has been resolved.
Comment 10 weiwei jiang 2018-12-07 05:30:30 UTC 
Checked with aws provider, and kubeadmin work well.
Comment 14 Luke Meyer 2020-05-15 05:44:07 UTC 
This should have been closed due to errata shipping. Closing now.
Note You need to log in before you can comment on or make changes to this bug.