Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-3071

[4.12][AWS] curl network Loadbalancer always get "Connection time out"

    XMLWordPrintable

Details

    • Critical
    • Approved
    • False
    • Hide

      None

      Show
      None
    • N/A - This was introduced by a cherry-pick during 4.12 with a bug, which was then reverted

    Description

      Description of problem:

      Create network LoadBalancer service, but always get Connection time out when accessing the LB

      Version-Release number of selected component (if applicable):

      4.12.0-0.nightly-2022-10-27-135134

      How reproducible:

      100%

      Steps to Reproduce:

      1. create custom ingresscontroller that using Network LB service

$ Domain="nlb.$(oc get dns.config cluster -o=jsonpath='{.spec.baseDomain}')"
$ oc create -f - << EOF
kind: IngressController
apiVersion: operator.openshift.io/v1
metadata:
  name: nlb
  namespace: openshift-ingress-operator
spec:
  domain: ${Domain}
  replicas: 3
  endpointPublishingStrategy:
    loadBalancer:
      providerParameters:
        aws:
          type: NLB
        type: AWS
      scope: External
    type: LoadBalancerService
EOF


2. wait for the ingress NLB service is ready.

$ oc -n openshift-ingress get svc/router-nlb
NAME         TYPE           CLUSTER-IP      EXTERNAL-IP                                                                     PORT(S)                      AGE
router-nlb   LoadBalancer   172.30.75.134   a765a5eb408aa4a68988e35b72672379-78a76c339ded64fa.elb.us-east-2.amazonaws.com   80:31833/TCP,443:32499/TCP   117s


3. curl the network LB

$ curl a765a5eb408aa4a68988e35b72672379-78a76c339ded64fa.elb.us-east-2.amazonaws.com -I
<hang>

      Actual results:

      Connection time out

      Expected results:

      curl should return 503

      Additional info:

      the NLB service has the annotation:
  service.beta.kubernetes.io/aws-load-balancer-type: nlb

       

      Attachments

        Issue Links

          clones

          Bug - A problem that impairs or prevents the functions of the product. OCPBUGS-2946 [AWS] curl network Loadbalancer always get "Connection time out"

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Closed
          depends on

          Bug - A problem that impairs or prevents the functions of the product. OCPBUGS-2946 [AWS] curl network Loadbalancer always get "Connection time out"

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Closed
          links to

          GitHub openshift/kubernetes#1405: OCPBUGS-3071: 4.12: revert: 1340: tag AWS security group at creation

          Activity

            People

              joelspeed Joel Speed
              rhn-support-hongli Hongan Li
              Hongan Li Hongan Li
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: