Bug 1679941 - warning message in router logs when create edge and reencrypt routes
Summary: warning message in router logs when create edge and reencrypt routes
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Routing
Version: 4.1.0
Hardware: Unspecified
OS: Unspecified
low
medium
Target Milestone: ---
: 4.1.0
Assignee: Miciah Dashiel Butler Masters
QA Contact: Hongan Li
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-02-22 09:58 UTC by Hongan Li
Modified: 2019-06-04 10:44 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: No Doc Update
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-06-04 10:44:26 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2019:0758 None None None 2019-06-04 10:44:33 UTC
Github openshift router pull 21 None None None 2019-04-03 05:09:41 UTC

Description Hongan Li 2019-02-22 09:58:01 UTC
Description of problem:
W0222 09:26:13.564333       1 router.go:1036] a edge terminated route with host edge-route-hongli.apps.hongli221.qe.devcluster.openshift.com does not have the required certificates.  The route will still be created but no certificates will be written

Repeat the same step with v3.11 but didn't see the warning message.
Compare the ENV of v3.11 and v4.0 and find some differences:
# 3.11
      - env:
        - name: DEFAULT_CERTIFICATE_DIR
          value: /etc/pki/tls/private
        - name: DEFAULT_CERTIFICATE_PATH
          value: /etc/pki/tls/private/tls.crt

# 4.0
        - env:
          <---snip--->
          - name: DEFAULT_CERTIFICATE_DIR
            value: /etc/pki/tls/private



Version-Release number of selected component (if applicable):
4.0.0-0.nightly-2019-02-20-194410

How reproducible:
always

Steps to Reproduce:
1. create pod, svc and edge route
$ oc create -f https://raw.githubusercontent.com/openshift-qe/v3-testfiles/master/routing/caddy-docker.json
$ oc create -f https://raw.githubusercontent.com/openshift-qe/v3-testfiles/master/routing/edge/service_unsecure.jso
$ oc create route edge edge-route --service=service-unsecure

2. check router logs


Actual results:
shows warning message

Expected results:
should keep the same with v3.11 and no this warning message

Additional info:
https://github.com/openshift/router/blob/master/pkg/router/template/router.go#L1031

Comment 2 Miciah Dashiel Butler Masters 2019-03-27 22:29:37 UTC
This looks like a regression of bug 1401503.

Comment 3 Hongan Li 2019-03-28 06:34:46 UTC
checked with latest 4.0.0-0.nightly-2019-03-25-180911 build, didn't see the warning for reencrypt route but still can see it for edge route as below while router reloaded.

W0328 05:33:34.884056       1 router.go:1036] a edge terminated route with host myroute-pf5ts.apps.hongli911.qe.devcluster.openshift.com does not have the required certificates.  The route will still be created but no certificates will be written

--- creating pod, svc and edge route ---
oc create -f https://raw.githubusercontent.com/openshift-qe/v3-testfiles/master/routing/caddy-docker.json
oc create -f https://raw.githubusercontent.com/openshift-qe/v3-testfiles/master/routing/unsecure/service_unsecure.json
oc create route edge myroute --service=service-unsecure
---

Comment 5 Hongan Li 2019-03-29 09:37:54 UTC
https://github.com/openshift/router/pull/21

Comment 8 Hongan Li 2019-04-04 05:44:01 UTC
Tested with 4.0.0-0.nightly-2019-04-03-202419 but still saw WARNING logs when creating edge routes.


W0404 01:58:51.697879       1 router.go:1036] a edge terminated route with host downloads-openshift-console.apps.hongli404.qe.devcluster.openshift.com does not have the required certificates.  The route will still be created but no certificates will be written

W0404 05:33:23.604752       1 router.go:1036] a edge terminated route with host edge-route-hongli.apps.hongli404.qe.devcluster.openshift.com does not have the required certificates.  The route will still be created but no certificates will be written

Comment 9 Hongan Li 2019-04-15 01:39:35 UTC
verified with 4.0.0-0.nightly-2019-04-10-182914 and the issue has been fixed. no WARNING logs when creating edge and passthrough routes.

$ oc -n openshift-ingress logs router-default-6cf74b4696-mz4dz
I0415 00:55:49.545557       1 template.go:299] Starting template router (v4.1.0-201904092032)

Comment 11 errata-xmlrpc 2019-06-04 10:44:26 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:0758


Note You need to log in before you can comment on or make changes to this bug.