Description of problem: W0222 09:26:13.564333 1 router.go:1036] a edge terminated route with host edge-route-hongli.apps.hongli221.qe.devcluster.openshift.com does not have the required certificates. The route will still be created but no certificates will be written Repeat the same step with v3.11 but didn't see the warning message. Compare the ENV of v3.11 and v4.0 and find some differences: # 3.11 - env: - name: DEFAULT_CERTIFICATE_DIR value: /etc/pki/tls/private - name: DEFAULT_CERTIFICATE_PATH value: /etc/pki/tls/private/tls.crt # 4.0 - env: <---snip---> - name: DEFAULT_CERTIFICATE_DIR value: /etc/pki/tls/private Version-Release number of selected component (if applicable): 4.0.0-0.nightly-2019-02-20-194410 How reproducible: always Steps to Reproduce: 1. create pod, svc and edge route $ oc create -f https://raw.githubusercontent.com/openshift-qe/v3-testfiles/master/routing/caddy-docker.json $ oc create -f https://raw.githubusercontent.com/openshift-qe/v3-testfiles/master/routing/edge/service_unsecure.jso $ oc create route edge edge-route --service=service-unsecure 2. check router logs Actual results: shows warning message Expected results: should keep the same with v3.11 and no this warning message Additional info: https://github.com/openshift/router/blob/master/pkg/router/template/router.go#L1031
This looks like a regression of bug 1401503.
checked with latest 4.0.0-0.nightly-2019-03-25-180911 build, didn't see the warning for reencrypt route but still can see it for edge route as below while router reloaded. W0328 05:33:34.884056 1 router.go:1036] a edge terminated route with host myroute-pf5ts.apps.hongli911.qe.devcluster.openshift.com does not have the required certificates. The route will still be created but no certificates will be written --- creating pod, svc and edge route --- oc create -f https://raw.githubusercontent.com/openshift-qe/v3-testfiles/master/routing/caddy-docker.json oc create -f https://raw.githubusercontent.com/openshift-qe/v3-testfiles/master/routing/unsecure/service_unsecure.json oc create route edge myroute --service=service-unsecure ---
https://github.com/openshift/router/pull/21
Tested with 4.0.0-0.nightly-2019-04-03-202419 but still saw WARNING logs when creating edge routes. W0404 01:58:51.697879 1 router.go:1036] a edge terminated route with host downloads-openshift-console.apps.hongli404.qe.devcluster.openshift.com does not have the required certificates. The route will still be created but no certificates will be written W0404 05:33:23.604752 1 router.go:1036] a edge terminated route with host edge-route-hongli.apps.hongli404.qe.devcluster.openshift.com does not have the required certificates. The route will still be created but no certificates will be written
verified with 4.0.0-0.nightly-2019-04-10-182914 and the issue has been fixed. no WARNING logs when creating edge and passthrough routes. $ oc -n openshift-ingress logs router-default-6cf74b4696-mz4dz I0415 00:55:49.545557 1 template.go:299] Starting template router (v4.1.0-201904092032)
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:0758