1866575 – Default spec.httpHeaders.uniqueId.format value breaks HAProxy

Bug 1866575 - Default spec.httpHeaders.uniqueId.format value breaks HAProxy

Summary: Default spec.httpHeaders.uniqueId.format value breaks HAProxy

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Networking
Sub Component:
Version:	4.6
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	high
Target Milestone:	---
Target Release:	4.6.0
Assignee:	Miciah Dashiel Butler Masters
QA Contact:	Arvind iyengar
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2020-08-06 00:38 UTC by Miciah Dashiel Butler Masters
Modified:	2022-08-04 22:30 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2020-10-27 16:25:22 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Github	openshift cluster-ingress-operator pull 438	0	None	closed	Bug 1866575: Escape unique-id format	2020-10-29 09:01:45 UTC
Red Hat Product Errata	RHBA-2020:4196	0	None	None	None	2020-10-27 16:25:45 UTC

Description Miciah Dashiel Butler Masters 2020-08-06 00:38:05 UTC

Description of problem:

Creating a IngressController that specifies spec.httpHeaders.uniqueId.name and omits spec.httpHeaders.uniqueId.format produces an invalid HAProxy configuration.


Version-Release number of selected component (if applicable):

4.6.0-0.ci-2020-08-05-165313


How reproducible:

100%.


Steps to Reproduce:
1. Create a new IngressController that specifies spec.httpHeaders.uniqueId.name and omits spec.httpHeaders.uniqueId.format:

    % oc create -f - <<'EOF'
    apiVersion: operator.openshift.io/v1
    kind: IngressController
    metadata:
      name: uniqueid
      namespace: openshift-ingress-operator
    spec:
      replicas: 1
      domain: abc.com
      endpointPublishingStrategy:
        type: Private
      httpHeaders:
        uniqueId:
          name: foo
    EOF

2. Check the logs for the router deployment created by Step 1:

    % oc -n openshift-ingress logs -c router deploy/router-uniqueid


Actual results:

The output of Step 2 reports errors in haproxy.config:

    I0805 23:23:03.435104       1 template.go:403] router "msg"="starting router"  "version"="majorFromGit: \nminorFromGit: \ncommitFromGit: 658c67c\nversionFromGit: v0.0.0-unknown\ngitTreeState: clean\nbuildDate: 2020-08-04T23:40:51Z\n"
    I0805 23:23:03.437857       1 metrics.go:154] metrics "msg"="router health and metrics port listening on HTTP and HTTPS"  "address"="0.0.0.0:1936"
    I0805 23:23:03.441690       1 reflector.go:175] Starting reflector *v1.Service (30m0s) from github.com/openshift/router/pkg/router/template/service_lookup.go:33
    I0805 23:23:03.446518       1 router.go:183] template "msg"="creating a new template router"  "writeDir"="/var/lib/haproxy"
    I0805 23:23:03.446578       1 router.go:259] template "msg"="router will coalesce reloads within an interval of each other"  "interval"="5s"
    I0805 23:23:03.447002       1 router.go:321] template "msg"="watching for changes"  "path"="/etc/pki/tls/private"
    E0805 23:23:03.448368       1 haproxy.go:416] can't scrape HAProxy: dial unix /var/lib/haproxy/run/haproxy.sock: connect: no such file or directory
    error: error reloading router: exit status 1
    [ALERT] 217/232303 (20) : parsing [/var/lib/haproxy/conf/haproxy.config:70] : unique-id-format expects only one argument, don't forget to escape spaces!
    [ALERT] 217/232303 (20) : parsing [/var/lib/haproxy/conf/haproxy.config:128] : unique-id-format expects only one argument, don't forget to escape spaces!
    [ALERT] 217/232303 (20) : parsing [/var/lib/haproxy/conf/haproxy.config:167] : unique-id-format expects only one argument, don't forget to escape spaces!
    [ALERT] 217/232303 (20) : Error(s) found in configuration file : /var/lib/haproxy/conf/haproxy.config
    [ALERT] 217/232303 (20) : Fatal errors found in configuration.


Expected results:

The output of Step 2 should not report any errors in haproxy.config.

Comment 3 Arvind iyengar 2020-08-12 05:25:09 UTC

The PR merged and made into "4.6.0-0.nightly-2020-08-10-200500". With this payload, the configuration files gets generated  properly: 

- Payload version:
---
$ oc get clusterversion
NAME      VERSION                             AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.6.0-0.nightly-2020-08-10-200500   True        False         24h     Cluster version is 4.6.0-0.nightly-2020-08-10-200500

- spec configuration:
-----
$ oc -n openshift-ingress-operator get ingresscontroller internalapps -o yaml | grep -i "spec" -A6
spec:
  domain: internalapps.oc46-1108-patched.qe.devcluster.openshift.com
  endpointPublishingStrategy:
    type: NodePortService
  httpHeaders:
    uniqueId:
      name: abcd
-----

- Inside the router:
----
$ cat haproxy.config | grep -i unique
  unique-id-format "%{+X}o %ci:%cp_%fi:%fp_%Ts_%rt:%pid"
  unique-id-header abcd           
----

- Router logs:
----
$ oc -n openshift-ingress logs deployment/router-internalapps -c router --tail 10
I0812 04:47:49.947269       1 router.go:566] template "msg"="router reloaded"  "output"=" - Checking http://localhost:80 ...\n - Health check ok : 0 retry attempt(s).\n"
I0812 04:48:00.209896       1 router.go:566] template "msg"="router reloaded"  "output"=" - Checking http://localhost:80 ...\n - Health check ok : 0 retry attempt(s).\n"
I0812 04:48:05.190617       1 router.go:566] template "msg"="router reloaded"  "output"=" - Checking http://localhost:80 ...\n - Health check ok : 0 retry attempt(s).\n"
I0812 04:49:42.086777       1 router.go:566] template "msg"="router reloaded"  "output"=" - Checking http://localhost:80 ...\n - Health check ok : 0 retry attempt(s).\n"
I0812 04:49:47.072492       1 router.go:566] template "msg"="router reloaded"  "output"=" - Checking http://localhost:80 ...\n - Health check ok : 0 retry attempt(s).\n"
I0812 04:49:52.068477       1 router.go:566] template "msg"="router reloaded"  "output"=" - Checking http://localhost:80 ...\n - Health check ok : 0 retry attempt(s).\n"
I0812 04:49:57.075789       1 router.go:566] template "msg"="router reloaded"  "output"=" - Checking http://localhost:80 ...\n - Health check ok : 0 retry attempt(s).\n"
I0812 04:50:05.941089       1 router.go:566] template "msg"="router reloaded"  "output"=" - Checking http://localhost:80 ...\n - Health check ok : 0 retry attempt(s).\n"
I0812 04:50:10.943427       1 router.go:566] template "msg"="router reloaded"  "output"=" - Checking http://localhost:80 ...\n - Health check ok : 0 retry attempt(s).\n"
I0812 04:50:15.940164       1 router.go:566] template "msg"="router reloaded"  "output"=" - Checking http://localhost:80 ...\n - Health check ok : 0 retry attempt(s).\n"
----

Comment 5 errata-xmlrpc 2020-10-27 16:25:22 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.6 GA Images), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:4196

Note You need to log in before you can comment on or make changes to this bug.