Created attachment 1507388 [details]
40 console redirect loop
Description of problem:
Try to access the web console after all launched, but got redirect loop.
Version-Release number of the following components:
features: Basic-Auth GSSAPI Kerberos SPNEGO
$ bin/openshift-install version
Your version of Terraform is out of date! The latest version
is 0.11.10. You can update by downloading from www.terraform.io/downloads.html
Steps to Reproduce:
1. Setup 40 cluster with libvirt provider with openshift-install
2. After all things launched, make router pod in openshift-ingress expose 80 & 443 port for routes
3. make dns entry in /etc/hosts for console route
oc get routes -n openshift-console
echo "worker_ip console-openshift-console.router.default.svc.cluster.local" >> /etc/hosts
4. try to access web console
4. got redirect loop
Navigated to https://console-openshift-console.router.default.svc.cluster.local/auth/login
Error logging out TypeError: "NetworkError when attempting to fetch resource." main-chunk-0432bfc802ed74d1be3a.min.js:1:19214
4. web console should work well
This can also be reproduced on Aws provider, so remove the libvirt in title.
Created attachment 1507913 [details]
It's probably not worth trying to test the console until  gets closed.
Now console testing on both AWS and Libvirt is blocked by this bug, is there any other workaround?
The old console is going away, it wont exist in 4.0 installs.
The new console can be tested, pending this next PR:
Should be blocked with https://bugzilla.redhat.com/show_bug.cgi?id=1653228
This is not an installer issue. This will be fixed by the ingress operator, which is maintained by the network edge team.
I feel this bug belongs to Auth because it appears the console's Route now has the correct host name and that name seems to properly resolve through external DNS.
Can you confirm that this is no longer an issue? I'd like to close this out as the original issue reported has been resolved.
Checked with aws provider, and kubeadmin work well.