octavia

New pool members receive traffic without a healthcheck

Bug #2017897 reported by kay on 2023-04-27

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	octavia	New	Undecided	Unassigned

Bug Description

When a pool has a health check, new pool members start receiving traffic right away. This causes an issue when a new TCP pool member is not reachable for some reason.

The expected behavior: when a pool has a health check, new pool members must be marked offline until the health check is successful.

See https://github.com/kubernetes/cloud-provider-openstack/issues/2148

Tags:

kay (kay-diam) on 2023-04-27

tags:

added: member pool

Revision history for this message

Gregory Thiemonge (gthiemonge) wrote on 2023-04-28:

Hi,

Do you have more details about that? (the configuration of the octavia resources: lb, listener, pool, hm, etc...)
What release do you use? What is the distrib (and haproxy version) of the amphora?

I did a quick test in my env: haproxy forwarded all the requests to the "ONLINE" members (it tried to reach the new members but then used the other members after a short delay: 2sec) and I had no failed connections.

Revision history for this message

Michael Johnson (johnsom) wrote on 2023-05-02:

This is probably a health check configuration error. The setting "max_retries_down" defaults to 3, meaning it won't mark a member down until three retry intervals have failed. I think in your use case, you want to set that to 1.
See: https://docs.openstack.org/api-ref/load-balancer/v2/index.html?expanded=create-health-monitor-detail#id106

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.