Description of problem: openshift-apiserver pod logs have numerous TLS handshake error.*EOF logs from 10.128.0.1, 10.129.0.1, 10.130.0.1 Version-Release number of selected component (if applicable): 4.6.0-0.nightly-2020-07-14-035247 How reproducible: Always Steps to Reproduce: 1. Launched two envs: One is ipi on aws with fips & etcd encryption, the other is ipi on gcp with http proxy 2. Check the openshift-apiserver pod logs Actual results: 2. Both envs found numerous TLS handshake error from.*EOF logs, all are from 10.128.0.1, 10.129.0.1, 10.130.0.1. $ grep "TLS handshake error from.*EOF" apiserver-6f4fdfcc87-{ggxt9,k26lt,tdm2d}.log | wc -l 185160 $ grep "TLS handshake error from.*EOF" apiserver-6f4fdfcc87-{ggxt9,k26lt,tdm2d}.log | tail -n 3 apiserver-6f4fdfcc87-tdm2d.log:I0715 11:21:31.739521 1 log.go:181] http: TLS handshake error from 10.128.0.1:35350: EOF apiserver-6f4fdfcc87-tdm2d.log:I0715 11:21:31.941917 1 log.go:181] http: TLS handshake error from 10.130.0.1:40358: EOF apiserver-6f4fdfcc87-tdm2d.log:I0715 11:21:32.122470 1 log.go:181] http: TLS handshake error from 10.129.0.1:57434: EOF $ grep "TLS handshake error from.*EOF" apiserver-6f4fdfcc87-{ggxt9,k26lt,tdm2d}.log | grep -v -e 10.128.0.1 -e 10.129.0.1 -e 10.130.0.1 # none Expected results: 2. Should have no so many TLS handshake error from.*EOF logs. Additional info: kube-apiserver pods don't have these logs. # below shows 10.128.0.0/14, not sure if related to 10.128.0.1, 10.129.0.1, 10.130.0.1 oc get cm/cluster-config-v1 -n kube-system -o yaml ... networking: clusterNetwork: - cidr: 10.128.0.0/14 hostPrefix: 23 ...
Have another 4.5.0-0.nightly-2020-07-14-213353 ipi on aws with http_proxy on hand, but has no the issue.
*** This bug has been marked as a duplicate of bug 1855284 ***
Fixed by https://bugzilla.redhat.com/show_bug.cgi?id=1855284