Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1991346

Summary: It shows 'Application is not available' when visit web console after custom hostname is in use for the OpenShift oauth-server
Product: OpenShift Container Platform Reporter: liyao
Component: Management ConsoleAssignee: Jakub Hadvig <jhadvig>
Status: CLOSED DUPLICATE QA Contact: Yadan Pei <yapei>
Severity: high Docs Contact:
Priority: unspecified    
Version: 4.9CC: aos-bugs, jokerman, spadgett
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-08-12 16:16:29 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
redirect url still use original oauth server hostname none

Description liyao 2021-08-09 05:43:38 UTC 
Description of problem:
Starting 4.9, it can custom hostname and certificate for OAuth route. But after customized, when visit web console, the console UI cannot be displayed and shows 'Application is not available' from the web UI.

Version-Release number of selected component (if applicable):
4.9

How reproducible:
100%

Steps to Reproduce:
1. generate custom CA cert and signed server cert
2. create secret in openshift-config using the generated server cert 
3. append the custom CA cert to original admin kubeconfig certificate authority field
4. configure the ingress.config to contain custom route settings
$ oc edit ingresses.config.openshift.io cluster
spec:
  domain: <cluster domain name>
  componentRoutes:
    - name: oauth-openshift
      namespace: openshift-authentication
      hostname: <custom-oauth-server-hostname>
      servingCertKeyPairSecret:
        name: <custom-oauth-cert>
5. wait for the authentication operator to pick up the changes
6. visit web console from browser
$ oc login -u testuser-0 -p ***
$ oc whoami --show-console

Actual results:
1. web console login page is not displayed and 'Application is not available' message is displayed from web UI page.
2. checking the redirect url, it shows still use the original oauth server hostname not the customized hostname.

Expected results:
when oauth server hostname is customized, web console can be aware of it and redirect with the customized oauth server hostname to display the UI page 

Additional info:
Comment 2 liyao 2021-08-09 06:55:52 UTC 
Created attachment 1812278 [details]
redirect url still use original oauth server hostname
Comment 3 Samuel Padgett 2021-08-10 13:19:12 UTC 
Can you provide the following?

1. The YAML of ClusterOperator console
2. Operator pod logs from the openshift-console-operator namespace
3. Console pod logs from the openshift-console namespace
Comment 4 liyao 2021-08-11 14:21:03 UTC 
Will provide the required information once the cluster is ready.
Comment 9 Jakub Hadvig 2021-08-12 16:16:29 UTC 
Marking this as a duplicate.

*** This bug has been marked as a duplicate of bug 1989055 ***