Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-33010

installation failing if proxy set with % character in the credentials

XMLWordPrintable

    • Critical
    • No
    • False
    • Hide

      None

      Show
      None
    • Hide
      What: If a cluster is installed using proxy and the proxy information contains escaped characters in the format "%XX" the installation fails.
      Fix: the Installer now handles the escaping of the % character.
      Show
      What: If a cluster is installed using proxy and the proxy information contains escaped characters in the format "%XX" the installation fails. Fix: the Installer now handles the escaping of the % character.
    • Bug Fix
    • In Progress

      This is a clone of issue OCPBUGS-32259. The following is the description of the original issue:

      This is a clone of issue OCPBUGS-27965. The following is the description of the original issue:

      Description of problem:

          If a cluster is installed using proxy and the username used for connecting to the proxy contains the characters "%40" for encoding a "@" in case of providing a doamin, the instalation fails. The failure is because the proxy variables implemented in the file "/etc/systemd/system.conf.d/10-default-env.conf" in the bootstrap node are ignored by systemd. This issue seems was already fixed in MCO (BZ 1882674 - fixed in RHOCP 4.7), but looks like is affecting the bootstrap process in 4.13 and 4.14, causing the installation to not start at all.

      Version-Release number of selected component (if applicable):

          4.14, 4.13

      How reproducible:

          100% always

      Steps to Reproduce:

          1. create a install-config.yaml file with "%40" in the middle of the username used for proxy.
    2. start cluster installation.
    3. bootstrap will fail for not using proxy variables.

      Actual results:

      Installation fails because systemd fails to load the proxy varaibles if "%" is present in the username.

      Expected results:

          Installation to succeed using a username with "%40" for the proxy.

      Additional info:

      File "/etc/systemd/system.conf.d/10-default-env.conf" for the bootstrap should be generated in a way accepted by systemd.    

            [OCPBUGS-33010] installation failing if proxy set with % character in the credentials

            Errata Tool added a comment -

            Since the problem described in this issue should be resolved in a recent advisory, it has been closed.

            For information on the advisory (Important: OpenShift Container Platform 4.14.24 bug fix and security update), and where to find the updated files, follow the link below.

            If the solution does not work for you, open a new bug report.
            https://access.redhat.com/errata/RHSA-2024:2668

            Errata Tool added a comment - Since the problem described in this issue should be resolved in a recent advisory, it has been closed. For information on the advisory (Important: OpenShift Container Platform 4.14.24 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2024:2668

            Gaoyun Pei added a comment -

            Tried the same scenario with 4.14.0-0.nightly-2024-05-02-211455, with setting "gpei%40test" to specify "gpei@test" user name in the proxy field of install-config.yaml

            proxy:
            httpProxy: http://gpei%40test:redhat@xxx:3128
            httpsProxy: http://gpei%40test:redhat@xxx:3128

            The installation could be finished successfully.

            [root@preserve-gpei-worker k_files]# oc get proxy cluster -o yaml
            apiVersion: config.openshift.io/v1
            kind: Proxy
            metadata:
            creationTimestamp: "2024-05-04T07:12:20Z"
            generation: 1
            name: cluster
            resourceVersion: "524"
            uid: 2e1e6d77-e4d1-4d4f-9d9f-b06874363f6c
            spec:
            httpProxy: http://gpei%40test:redhat@xxx:3128
            httpsProxy: http://gpei%40test:redhat@xxx:3128
            noProxy: test.no-proxy.com
            trustedCA:
            name: ""
            status:
            httpProxy: http://gpei%40test:redhat@xxx:3128
            httpsProxy: http://gpei%40test:redhat@xxx:3128
            noProxy: .cluster.local,.svc,10.0.0.0/16,10.128.0.0/14,127.0.0.1,172.30.0.0/16,api-int.gpei-0429a.qe.devcluster.openshift.com,localhost,test.no-proxy.com

            Gaoyun Pei added a comment - Tried the same scenario with 4.14.0-0.nightly-2024-05-02-211455, with setting "gpei%40test" to specify "gpei@test" user name in the proxy field of install-config.yaml proxy: httpProxy: http://gpei%40test:redhat@xxx:3128 httpsProxy: http://gpei%40test:redhat@xxx:3128 The installation could be finished successfully. [root@preserve-gpei-worker k_files] # oc get proxy cluster -o yaml apiVersion: config.openshift.io/v1 kind: Proxy metadata: creationTimestamp: "2024-05-04T07:12:20Z" generation: 1 name: cluster resourceVersion: "524" uid: 2e1e6d77-e4d1-4d4f-9d9f-b06874363f6c spec: httpProxy: http://gpei%40test:redhat@xxx:3128 httpsProxy: http://gpei%40test:redhat@xxx:3128 noProxy: test.no-proxy.com trustedCA: name: "" status: httpProxy: http://gpei%40test:redhat@xxx:3128 httpsProxy: http://gpei%40test:redhat@xxx:3128 noProxy: .cluster.local,.svc,10.0.0.0/16,10.128.0.0/14,127.0.0.1,172.30.0.0/16,api-int.gpei-0429a.qe.devcluster.openshift.com,localhost,test.no-proxy.com

              rdossant Rafael Fonseca dos Santos
              openshift-crt-jira-prow OpenShift Prow Bot
              Gaoyun Pei Gaoyun Pei
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: