-
Bug
-
Resolution: Done
-
Normal
-
4.12, 4.11, 4.10
-
Moderate
-
None
-
3
-
Sprint 227, Sprint 228, Sprint 229, Sprint 230, Sprint 231, Sprint 232, Sprint 233, Sprint 234, Sprint 235
-
9
-
Rejected
-
False
-
Description of problem:
PROXY protocol cannot be enabled for the "Private" endpoint publishing strategy type.
Version-Release number of selected component (if applicable):
4.10.0+. PROXY protocol was made configurable for the "HostNetwork" and "NodePortService" endpoint publishing strategy types, but not for "Private", in this release.
How reproducible:
Always.
Steps to Reproduce:
1. Create an ingresscontroller with the "Private" endpoint publishing strategy type:
oc create -f - <<'EOF'
apiVersion: operator.openshift.io/v1
kind: IngressController
metadata:
name: example
namespace: openshift-ingress-operator
spec:
domain: example.com
endpointPublishingStrategy:
type: Private
private:
protocol: PROXY
EOF
2. Check the ingresscontroller's status:
oc -n openshift-ingress-operator get ingresscontrollers/example -o 'jsonpath={.status.endpointPublishingStrategy}'
3. Check whether the resulting router deployment has PROXY protocol enabled.
oc -n openshift-ingress get deployments/router-example -o 'jsonpath={.spec.template.spec.containers[0].env[?(@.name=="ROUTER_USE_PROXY_PROTOCOL")]}'
Actual results:
The ingresscontroller is created:
ingresscontroller.operator.openshift.io/example created
The status shows that the spec.endpointPublishingStrategy.private.protocol setting was ignored:
{"private":{},"type":"Private"}
The deployment does not enable PROXY protocol; the oc get command prints no output.
Expected results:
The ingresscontroller's status should indicate that PROXY protocol is enabled:
{"private":{"protocol":"PROXY"},"type":"Private"}
The deployment should have PROXY protocol enabled:
{"name":"ROUTER_USE_PROXY_PROTOCOL","value":"true"}
Additional info:
This bug report duplicates https://bugzilla.redhat.com/show_bug.cgi?id=2104481 in order to facilitate backports.
- clones
-
OCPBUGS-3559 PROXY protocol is not configurable for "private" endpoint publishing strategy
- Closed
- depends on
-
OCPBUGS-3559 PROXY protocol is not configurable for "private" endpoint publishing strategy
- Closed
- relates to
-
OCPBUGS-36292 "Configuring the PROXY protocol for an Ingress Controller" should say that PROXY protocol can be used with "Private" endpoint publishing strategy type
- Closed
- links to