1974609 – Rook operator SIGSEGV when RGW has TLS enabled

Bug 1974609 - Rook operator SIGSEGV when RGW has TLS enabled

Summary: Rook operator SIGSEGV when RGW has TLS enabled

Keywords:
Status:	VERIFIED
Alias:	None
Product:	Red Hat OpenShift Container Storage
Classification:	Red Hat Storage
Component:	rook
Sub Component:
Version:	4.8
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	high
Target Milestone:	---
Target Release:	OCS 4.8.0
Assignee:	Jiffin
QA Contact:	Ben Eli
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2021-06-22 07:44 UTC by Jiffin
Modified:	2023-08-03 08:28 UTC (History)
CC List:	4 users (show)
Fixed In Version:	4.8.0-432.ci
Doc Type:	No Doc Update
Doc Text:
Clone Of:
Environment:
Last Closed:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Github	openshift rook pull 266	None	closed	Bug 1974609: ceph: initialise httpclient for bucketchecker and objectstoreuser	2021-06-30 05:55:48 UTC
Github	rook rook issues 8132	None	closed	Operator SIGSEGV when RGW has TLS enabled	2021-06-22 07:45:51 UTC
Github	rook rook pull 8139	None	closed	ceph: initialise httpclient for bucketchecker and objectstoreuser	2021-06-22 07:46:33 UTC

Description Jiffin 2021-06-22 07:44:49 UTC

Description of problem (please be detailed as possible and provide log
snippests):
When RGW has TLS certificate set, rook-operator pod crash

panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x1d32433]
goroutine 1221 [running]:
github.com/rook/rook/pkg/operator/ceph/object.(*bucketChecker).checkObjectStoreHealth(0xc002422000, 0xc00158f200, 0xc001a08fb0)
	/home/rook/go/src/github.com/rook/rook/pkg/operator/ceph/object/health.go:141 +0x1173
github.com/rook/rook/pkg/operator/ceph/object.(*bucketChecker).checkObjectStore(0xc002422000, 0xc00066b200)
	/home/rook/go/src/github.com/rook/rook/pkg/operator/ceph/object/health.go:82 +0x45
created by github.com/rook/rook/pkg/operator/ceph/object.(*ReconcileCephObjectStore).startMonitoring
	/home/rook/go/src/github.com/rook/rook/pkg/operator/ceph/object/controller.go:542 +0x3e5


Version of all relevant components (if applicable):
4.8

Does this issue impact your ability to continue to work with the product
(please explain in detail what is the user impact)?
If TLS enabled then 

Is there any workaround available to the best of your knowledge?
Nope

Rate from 1 - 5 the complexity of the scenario you performed that caused this
bug (1 - very simple, 5 - very complex)?
1.)

Can this issue reproducible?
Yes

Can this issue reproduce from the UI?
Nope

Steps to Reproduce:
Enable TLS for RGW via https://rook.io/docs/rook/v1.6/ceph-object-store-crd.html#gateway-settings


Actual results:
Rook Operator pod is crashing

Expected results:
Rook Operator should not crash

Additional info:
Currently, TLS enabled RGW endpoint is not tested in OCS and planned for 4.9 as a dependency for RGW-KMS[1]. Please note customers are trying out this feature independently with OCS 4.7[2] since support already exists in Rook

The required change is merged in Rook Upstream https://github.com/rook/rook/pull/8139

[1] https://issues.redhat.com/browse/KNIP-1555
[2] https://issues.redhat.com/browse/RHSTOR-1668?focusedCommentId=16144780&page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#comment-16144780

Note You need to log in before you can comment on or make changes to this bug.