Bug 1974609 - Rook operator SIGSEGV when RGW has TLS enabled
Summary: Rook operator SIGSEGV when RGW has TLS enabled
Keywords:
Status: VERIFIED
Alias: None
Product: Red Hat OpenShift Container Storage
Classification: Red Hat Storage
Component: rook
Version: 4.8
Hardware: Unspecified
OS: Unspecified
medium
high
Target Milestone: ---
: OCS 4.8.0
Assignee: Jiffin
QA Contact: Ben Eli
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-06-22 07:44 UTC by Jiffin
Modified: 2023-08-03 08:28 UTC (History)
4 users (show)

Fixed In Version: 4.8.0-432.ci
Doc Type: No Doc Update
Doc Text:
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift rook pull 266 0 None closed Bug 1974609: ceph: initialise httpclient for bucketchecker and objectstoreuser 2021-06-30 05:55:48 UTC
Github rook rook issues 8132 0 None closed Operator SIGSEGV when RGW has TLS enabled 2021-06-22 07:45:51 UTC
Github rook rook pull 8139 0 None closed ceph: initialise httpclient for bucketchecker and objectstoreuser 2021-06-22 07:46:33 UTC

Description Jiffin 2021-06-22 07:44:49 UTC
Description of problem (please be detailed as possible and provide log
snippests):
When RGW has TLS certificate set, rook-operator pod crash

panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x1d32433]
goroutine 1221 [running]:
github.com/rook/rook/pkg/operator/ceph/object.(*bucketChecker).checkObjectStoreHealth(0xc002422000, 0xc00158f200, 0xc001a08fb0)
	/home/rook/go/src/github.com/rook/rook/pkg/operator/ceph/object/health.go:141 +0x1173
github.com/rook/rook/pkg/operator/ceph/object.(*bucketChecker).checkObjectStore(0xc002422000, 0xc00066b200)
	/home/rook/go/src/github.com/rook/rook/pkg/operator/ceph/object/health.go:82 +0x45
created by github.com/rook/rook/pkg/operator/ceph/object.(*ReconcileCephObjectStore).startMonitoring
	/home/rook/go/src/github.com/rook/rook/pkg/operator/ceph/object/controller.go:542 +0x3e5


Version of all relevant components (if applicable):
4.8

Does this issue impact your ability to continue to work with the product
(please explain in detail what is the user impact)?
If TLS enabled then 

Is there any workaround available to the best of your knowledge?
Nope

Rate from 1 - 5 the complexity of the scenario you performed that caused this
bug (1 - very simple, 5 - very complex)?
1.)

Can this issue reproducible?
Yes

Can this issue reproduce from the UI?
Nope

Steps to Reproduce:
Enable TLS for RGW via https://rook.io/docs/rook/v1.6/ceph-object-store-crd.html#gateway-settings


Actual results:
Rook Operator pod is crashing

Expected results:
Rook Operator should not crash

Additional info:
Currently, TLS enabled RGW endpoint is not tested in OCS and planned for 4.9 as a dependency for RGW-KMS[1]. Please note customers are trying out this feature independently with OCS 4.7[2] since support already exists in Rook

The required change is merged in Rook Upstream https://github.com/rook/rook/pull/8139

[1] https://issues.redhat.com/browse/KNIP-1555
[2] https://issues.redhat.com/browse/RHSTOR-1668?focusedCommentId=16144780&page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#comment-16144780


Note You need to log in before you can comment on or make changes to this bug.