Bug 1876581 - /readyz endpoint for the API server health check probe missing in UPI AWS
Summary: /readyz endpoint for the API server health check probe missing in UPI AWS
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Documentation
Version: 4.5
Hardware: x86_64
OS: Linux
medium
medium
Target Milestone: ---
: 4.5.z
Assignee: Jason Boxman
QA Contact: Yunfei Jiang
Vikram Goyal
URL:
Whiteboard:
Depends On: 1836018
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-09-07 15:39 UTC by Simon Reber
Modified: 2021-03-17 12:25 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2021-03-17 12:25:03 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift installer pull 4358 0 None closed Bug 1876581: upi/aws Define load balancer health checks 2020-12-16 15:32:53 UTC
Red Hat Bugzilla 1887241 1 high CLOSED Steps to configure /readyz endpoint for the apiserver 2023-09-15 00:49:28 UTC

Description Simon Reber 2020-09-07 15:39:15 UTC
Document URL: https://docs.openshift.com/container-platform/4.5/installing/installing_aws/installing-aws-user-infra.html#installation-creating-aws-dns_installing-aws-user-infra

Section Number and Name: Creating networking and load balancing components in AWS

Describe the issue: In https://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-release-notes.html#ocp-4-5-notable-technical-changes we are highlighting that all UPI installation need to use /readyz endpoint for API server health probe.

This is also reflected in https://docs.openshift.com/container-platform/4.5/installing/installing_bare_metal/installing-bare-metal.html#installation-network-user-infra_installing-bare-metal and https://docs.openshift.com/container-platform/4.5/installing/installing_vsphere/installing-vsphere.html#installation-network-user-infra_installing-vsphere but missing in https://docs.openshift.com/container-platform/4.5/installing/installing_aws/installing-aws-user-infra.html#installation-creating-aws-dns_installing-aws-user-infra (the CloudFormation Template don't have any details included) 

Suggestions for improvement: We should be adding a similar box or note to https://docs.openshift.com/container-platform/4.5/installing/installing_aws/installing-aws-user-infra.html#installation-creating-aws-dns_installing-aws-user-infra as available in https://docs.openshift.com/container-platform/4.5/installing/installing_bare_metal/installing-bare-metal.html#installation-network-user-infra_installing-bare-metal to highlight that /readyz endpoint must be used in UPI installation, when configuring the health endpoint.

Additional information:

Comment 2 Jason Boxman 2020-10-02 18:35:39 UTC
Hi Simon,

I am completely out of my depth when it comes to installation, and more so with CloudFormation. So is "Network topology requirements" relevant for an AWS cluster installed with CloudFormation? Or does `/openshift/installer/release-4.6/upi/aws/cloudformation/02_cluster_infra.yaml` handle all the network related configuration?

Is setting up `readyz` an additional step someone needs to take, as it appears to be for non-CloudFormation installations?

Is this something that needs to happen instead in the CloudFormation template?

Thanks!

Comment 4 Jason Boxman 2020-11-06 19:40:45 UTC
Okay, that makes sense.

I notice the title of the page is "Installing a cluster on user-provisioned infrastructure in AWS by using CloudFormation templates", so I think the intent here is that the offered CloudFormation templates are expected to work for a successful installation.

So checking, the CF template for OCP 4.5 does _not_ include the /readyz checks.

Is this a bug on the CF templates instead?

Comment 6 Jason Boxman 2021-02-27 03:42:38 UTC
Hi Simon,

If you mean this[0] PR, and if that PR resolved this BZ, then yes.

[0] https://github.com/openshift/installer/pull/4358


Note You need to log in before you can comment on or make changes to this bug.