Bug 1854195 - HTTP/2 backend support breaks websocket
Summary: HTTP/2 backend support breaks websocket
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Routing
Version: 4.4
Hardware: Unspecified
OS: Unspecified
unspecified
high
Target Milestone: ---
: 4.5.0
Assignee: Andrew McDermott
QA Contact: Hongan Li
URL:
Whiteboard:
Depends On: 1853711
Blocks: 1854814
TreeView+ depends on / blocked
 
Reported: 2020-07-06 17:49 UTC by Ben Bennett
Modified: 2020-07-13 17:45 UTC (History)
9 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of: 1853711
Environment:
Last Closed: 2020-07-13 17:44:51 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Github openshift cluster-ingress-operator pull 424 None closed Bug 1854195: Invert http/2 kill switch logic 2020-07-19 17:42:01 UTC
Red Hat Product Errata RHBA-2020:2409 None None None 2020-07-13 17:45:10 UTC

Comment 3 Hongan Li 2020-07-07 07:33:45 UTC
verified with 4.5.0-0.nightly-2020-07-07-021002 and the issue has been fixed.

1. HTTP/2 is disabled by default

$ oc -n openshift-ingress rsh router-default-85f9c9c76d-4z2ld
sh-4.2$ env | grep -i http2
ROUTER_DISABLE_HTTP2=true
sh-4.2$ grep server haproxy.config | grep "h2,"
sh-4.2$ 

2. HTTP/2 can be enabled by annotation
$ oc create -f ingresscontroller-test.yaml
$ oc -n openshift-ingress-operator annotate ingresscontroller/test ingress.operator.openshift.io/default-enable-http2=true
ingresscontroller.operator.openshift.io/test annotated

$ oc -n openshift-ingress rsh router-test-56d4649798-rbcgp
sh-4.2$ env | grep -i http2
ROUTER_DISABLE_HTTP2=false
sh-4.2$ grep server haproxy.config | grep "h2,"
<---snip--->
  server pod:console-5c4c7d4989-qth2g:console:10.129.0.48:8443 10.129.0.48:8443 cookie ad942682e6c544eb4eed168e233bc6da weight 256 ssl alpn h2,http/1.1 verifyhost console.openshift-console.svc verify required ca-file /var/run/configmaps/service-ca/service-ca.crt check inter 5000ms

Comment 4 errata-xmlrpc 2020-07-13 17:44:51 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:2409


Note You need to log in before you can comment on or make changes to this bug.