Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-12710

NodePort Services cannot be accessed over the Console FQDN with OVN Kubernetes

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Cannot Reproduce
    • Icon: Normal Normal
    • None
    • 4.12
    • Networking / ovn-kubernetes
    • None
    • No
    • SDN Sprint 243
    • 1
    • Rejected
    • False
    • Hide

      None

      Show
      None

      Description of problem:

      With OpenShift SDN, it is possible to access a NodePort Service by connecting to the Console's Route FQDN. For example:

  ssh cloud-user@console-openshift-console.apps.cnv2.engineering.redhat.com -p 30997

where 30997 is the port assigned to a NodePort Service.

This is very convenient: This FQDN is predictable, and it is safe to assume it is reachable even if the nodes are not (e.g. when running OpenShift on OSP, with Console exposed over a floating IP).

While the same can be achieved with OVN Kubernetes when routingViaHost is enabled, it cannot be done with the default OVN Kubernetes configuration.

      Version-Release number of selected component (if applicable):

      Tested on OpenShift 4.12.13

      How reproducible:

      Always

      Steps to Reproduce:

      1. Define a NodePort Service
2. Try to access it, using the Console Route FQDN as the address

      Actual results:

      The connection hangs.

      Expected results:

      I can connect to the Service.

      Additional info:

      This affected OpenShift Virtualization SSH flow: https://bugzilla.redhat.com/show_bug.cgi?id=2165895

            sseethar Surya Seetharaman
            phoracek@redhat.com Petr Horacek
            Anurag Saxena Anurag Saxena
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: