Application Apply failing when HTTPS is enabled
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
Medium
|
Lucas |
Bug Description
Brief Description
-----------------
When trying to apply a stx-openstack tarball the operation fails when Cinder pod fails to come up.
Severity
-----------------
Critical: Openstack with HTTPS is not usable after the defect.
Steps to Reproduce
-----------------
Install all the required certificates for stx-openstack to work with https on your system
Configure the system to have https enabled
Apply the required stx-openstack overrides for https
Apply the stx-openstack application
Expected Behavior
-----------------
Application finishes the apply procedure and is available for use.
Actual Behavior
-----------------
Application apply procedure fails when Cinder pod is being created.
Reproducibility
-----------------
Reproducible
System Configuration
-----------------
Observed on Simplex, but might be Any
Branch/Pull Time/Commit
-----------------
master
Last Pass
-----------------
Aug/2021
Timestamp/Logs
-----------------
Describe cinder-api pod:
Warning Unhealthy 43m (x2 over 155m) kubelet, controller-0 Readiness probe failed: dial tcp 172.16.
Ingress seems to be wrongly configured since requests to services fqdn (cinder.myhost.com) are timing out with a response:
[root@bootstrap-xxx tmp]# curl -g -i -k --cacert "/etc/ssl/
HTTP/1.1 504 Gateway Time-out
Date: Thu, 13 Jan 2022 21:14:00 GMT
Content-Type: text/html
Content-Length: 160
Connection: keep-alive
Strict-
<html>
<head><title>504 Gateway Time-out<
<body>
<center><h1>504 Gateway Time-out<
<hr><center>
</body>
[root@bootstrap-xxx tmp]# curl -g -i -k --cacert "/etc/ssl/
ingress-
And requests directly to services are reaching the desired pods but the response is getting lost on its way back:
[root@bootstrap-xxx tmp]# curl -g -i -k --cacert "/etc/ssl/
^C
20:21:49.517116 IP (tos 0x0, ttl 63, id 21274, offset 0, flags [DF], proto TCP (6), length 60)
⦙ 172.16.
20:21:49.517135 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60)
⦙ cinder-
20:21:49.517157 IP (tos 0x0, ttl 63, id 21275, offset 0, flags [DF], proto TCP (6), length 52)
⦙ 172.16.
20:21:49.517205 IP (tos 0x0, ttl 63, id 21276, offset 0, flags [DF], proto TCP (6), length 407)
⦙ 172.16.
20:21:49.517209 IP (tos 0x0, ttl 64, id 22021, offset 0, flags [DF], proto TCP (6), length 52)
⦙ cinder-
20:22:51.036268 IP (tos 0x0, ttl 63, id 21277, offset 0, flags [DF], proto TCP (6), length 52)
⦙ 172.16.
20:22:51.036287 IP (tos 0x0, ttl 64, id 22022, offset 0, flags [DF], proto TCP (6), length 52)
⦙ cinder-
20:23:03.863893 IP (tos 0x0, ttl 63, id 21278, offset 0, flags [DF], proto TCP (6), length 52)
⦙ 172.16.
20:23:03.904233 IP (tos 0x0, ttl 64, id 22023, offset 0, flags [DF], proto TCP (6), length 52)
⦙ cinder-
Test Activity
-----------------
Developer Testing.
Workaround
-----------------
No workaround.
Changed in starlingx: | |
status: | New → In Progress |
Changed in starlingx: | |
assignee: | nobody → Lucas (lcavalca) |
Changed in starlingx: | |
importance: | Undecided → Medium |
tags: | added: stx.7.0 stx.distro.openstack |
Fix proposed to branch: master /review. opendev. org/c/starlingx /helm-charts/ +/828815
Review: https:/