Load balancer(ALB) on anbox-stream-agent does not work

Bug #2009811 reported by Yoshi Kadokawa
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Anbox Cloud
Fix Released
High
Simon Fels

Bug Description

We have an anbox cloud deployment on AWS environment, and using AWS load balancers for the following services.

- ALB for anbox-stream-gateway
- NLB for AMS
- NLB for coturn
- ALB for anbox-stream-agent

However, with the DNS name set to the location for anbox-stream-agent, streaming the anbox application will fail.
I have confirmed that

- The SSL certificate for the ALB of anbox-stream-agent is valid
- ALB of anbox-stream-agent is reachable from the anbox container
- ALB is configured with stickiness enabled (1 day)
- From the logs in anbox-stream-agent, I can confirm that signaling and supervisor websocket got connected

When I unset the location for anbox-stream-agent, the streaming will work.

$ juju config anbox-stream-agent --reset location

Here is the attribute of the loadbalancer:
{
    "Attributes": [
        {
            "Key": "access_logs.s3.enabled",
            "Value": "false"
        },
        {
            "Key": "access_logs.s3.bucket",
            "Value": ""
        },
        {
            "Key": "access_logs.s3.prefix",
            "Value": ""
        },
        {
            "Key": "idle_timeout.timeout_seconds",
            "Value": "300"
        },
        {
            "Key": "deletion_protection.enabled",
            "Value": "false"
        },
        {
            "Key": "routing.http2.enabled",
            "Value": "true"
        },
        {
            "Key": "routing.http.drop_invalid_header_fields.enabled",
            "Value": "false"
        },
        {
            "Key": "routing.http.xff_client_port.enabled",
            "Value": "false"
        },
        {
            "Key": "routing.http.preserve_host_header.enabled",
            "Value": "false"
        },
        {
            "Key": "routing.http.xff_header_processing.mode",
            "Value": "append"
        },
        {
            "Key": "load_balancing.cross_zone.enabled",
            "Value": "true"
        },
        {
            "Key": "routing.http.desync_mitigation_mode",
            "Value": "defensive"
        },
        {
            "Key": "waf.fail_open.enabled",
            "Value": "false"
        },
        {
            "Key": "routing.http.x_amzn_tls_version_and_cipher_suite.enabled",
            "Value": "false"
        }
    ]
}

And the attribute for the target group:
{
    "Attributes": [
        {
            "Key": "target_group_health.unhealthy_state_routing.minimum_healthy_targets.count",
            "Value": "1"
        },
        {
            "Key": "stickiness.enabled",
            "Value": "true"
        },
        {
            "Key": "target_group_health.unhealthy_state_routing.minimum_healthy_targets.percentage",
            "Value": "off"
        },
        {
            "Key": "deregistration_delay.timeout_seconds",
            "Value": "300"
        },
        {
            "Key": "target_group_health.dns_failover.minimum_healthy_targets.count",
            "Value": "1"
        },
        {
            "Key": "stickiness.app_cookie.cookie_name",
            "Value": ""
        },
        {
            "Key": "stickiness.type",
            "Value": "lb_cookie"
        },
        {
            "Key": "stickiness.lb_cookie.duration_seconds",
            "Value": "86400"
        },
        {
            "Key": "slow_start.duration_seconds",
            "Value": "0"
        },
        {
            "Key": "stickiness.app_cookie.duration_seconds",
            "Value": "86400"
        },
        {
            "Key": "target_group_health.dns_failover.minimum_healthy_targets.percentage",
            "Value": "off"
        },
        {
            "Key": "load_balancing.cross_zone.enabled",
            "Value": "use_load_balancer_configuration"
        },
        {
            "Key": "load_balancing.algorithm.type",
            "Value": "round_robin"
        }
    ]
}

Simon Fels (morphis)
Changed in anbox-cloud:
importance: Undecided → High
assignee: nobody → Simon Fels (morphis)
milestone: none → 1.17.1
status: New → In Progress
Simon Fels (morphis)
Changed in anbox-cloud:
milestone: 1.17.1 → 1.18.0
Simon Fels (morphis)
Changed in anbox-cloud:
status: In Progress → Fix Committed
Simon Fels (morphis)
Changed in anbox-cloud:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.