Description of problem: power-of-two balancing feature set "Random" as default balancing for the passthrough routes instead of "source" OpenShift release version: release: 4.9.0-0.nightly-2021-08-24-235829 How reproducible: Frequently Steps to Reproduce (in detail): 1. Create a project with required pods and service resources 2. Expose a passthrough route from the project 3. Check the haproxy configuration for the passthough route Actual results: Inside the proxy pod: $ env | grep -i random ROUTER_LOAD_BALANCE_ALGORITHM=random # Secure backend, pass through backend be_tcp:q2n1d:route-passth balance random <----- hash-type consistent timeout check 5000ms server pod:web-server-rc-hr7q2:service-secure:https:10.131.0.25:8443 10.131.0.25:8443 weight 256 Expected results: As per the original proposal for this feature, the passthrough routes are supposed to be configured with "source" balancing to have some measure of session affinity. Impact of the problem: Since with the passthrough type connections, the use of cookies to manage session affinity like other connections is not possible, this connection type would need "source" balancing as default Additional info: This change of configuration likely appears to be a side effect of changes from https://bugzilla.redhat.com/show_bug.cgi?id=1988801
Verified in "4.9.0-0.ci.test-2021-08-30-050301-ci-ln-b97npit-latest" release version. With this payload, it is observed that the passthrough routes now defaults to the "source" algorithm with Power-of-two balancing in effect: ----- oc get clusterversion NAME VERSION AVAILABLE PROGRESSING SINCE STATUS version 4.9.0-0.ci.test-2021-08-30-050301-ci-ln-b97npit-latest True False 17m Cluster version is 4.9.0-0.ci.test-2021-08-30-050301-ci-ln-b97npit-latest # Secure backend, pass through backend be_tcp:test1:passth-route balance source <---- hash-type consistent timeout check 5000ms server pod:web-server-rc-sbkm6:service-secure:https:10.131.0.29:8443 10.131.0.29:8443 weight 256 -----
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.9.0 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:3759