Bug 1854195 - HTTP/2 backend support breaks websocket
Summary: HTTP/2 backend support breaks websocket
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Networking
Version: 4.4
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: 4.5.0
Assignee: Andrew McDermott
QA Contact: Hongan Li
Depends On: 1853711
Blocks: 1854814
TreeView+ depends on / blocked
Reported: 2020-07-06 17:49 UTC by Ben Bennett
Modified: 2022-08-04 22:27 UTC (History)
9 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of: 1853711
Last Closed: 2020-07-13 17:44:51 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Github openshift cluster-ingress-operator pull 424 0 None closed Bug 1854195: Invert http/2 kill switch logic 2021-02-10 20:17:04 UTC
Red Hat Product Errata RHBA-2020:2409 0 None None None 2020-07-13 17:45:10 UTC

Comment 3 Hongan Li 2020-07-07 07:33:45 UTC
verified with 4.5.0-0.nightly-2020-07-07-021002 and the issue has been fixed.

1. HTTP/2 is disabled by default

$ oc -n openshift-ingress rsh router-default-85f9c9c76d-4z2ld
sh-4.2$ env | grep -i http2
sh-4.2$ grep server haproxy.config | grep "h2,"

2. HTTP/2 can be enabled by annotation
$ oc create -f ingresscontroller-test.yaml
$ oc -n openshift-ingress-operator annotate ingresscontroller/test ingress.operator.openshift.io/default-enable-http2=true
ingresscontroller.operator.openshift.io/test annotated

$ oc -n openshift-ingress rsh router-test-56d4649798-rbcgp
sh-4.2$ env | grep -i http2
sh-4.2$ grep server haproxy.config | grep "h2,"
  server pod:console-5c4c7d4989-qth2g:console: cookie ad942682e6c544eb4eed168e233bc6da weight 256 ssl alpn h2,http/1.1 verifyhost console.openshift-console.svc verify required ca-file /var/run/configmaps/service-ca/service-ca.crt check inter 5000ms

Comment 4 errata-xmlrpc 2020-07-13 17:44:51 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Comment 5 W. Trevor King 2021-04-05 17:47:51 UTC
Removing UpgradeBlocker from this older bug, to remove it from the suspect queue described in [1].  If you feel like this bug still needs to be a suspect, please add keyword again.

[1]: https://github.com/openshift/enhancements/pull/475

Note You need to log in before you can comment on or make changes to this bug.