-
Bug
-
Resolution: Done
-
Minor
-
None
-
4.13, 4.12.z, 4.11.z, 4.14.z, 4.15
-
None
-
Quality / Stability / Reliability
-
False
-
-
3
-
None
-
No
-
None
-
None
-
None
-
OSDOCS Sprint 250
-
1
-
Done
-
Release Note Not Required
-
None
-
None
-
None
-
None
-
None
Description of problem:
In the example LB configuration, below two options should be removed for machine config server port 22623 as the example configuration uses TCP Layer-4 mode for load balancing, and the `httpchk' option is used for enabling the HTTP protocol to check on the server health.
listen machine-config-server-22623 bind *:22623 mode tcp option httpchk GET /readyz HTTP/1.0 <---- this option log-health-checks <---- this balance roundrobin server bootstrap bootstrap.ocp4.example.com:6443 verify none check check-ssl inter 10s fall 2 rise 3 backup server control-plane0 control-plane0.ocp4.example.com:6443 weight 1 verify none check check-ssl inter 10s fall 2 rise 3 server control-plane1 control-plane1.ocp4.example.com:6443 weight 1 verify none check check-ssl inter 10s fall 2 rise 3 server control-plane2 control-plane2.ocp4.example.com:6443 weight 1 verify none check check-ssl inter 10s fall 2 rise 3 listen ingress-router-443
If these HTTP options are used in the LB config, the requests fail with an error:
OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to api-int.ocp.example.com:22623
Version-Release number of selected component (if applicable):
4.11, 4.12, 4.13, 4.14, 4.15
Additional info:
It was not mentioned until OCP 4.10 however from 4.11, it got added in the LB configuration.
- documents
-
-
- Closed
-
-
-
- Closed
-