Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-7656

Console with custom route can not be accessed when the console is enabled after cluster upgrade

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • 4.16.0
    • 4.13.0
    • Management Console
    • None
    • No
    • Rejected
    • False
    • Hide

      None

      Show
      None
    • Hide
      The console redirect service had the same service ca controller annotation as the console service. This caused the service CA controller to sometimes incorrectly sync CA certs for these services, and the console would not function correctly after removing and reinstalling. We updated the console operator to remove this service ca annotation from the console redirect service as it was unnecessary. The console services and CA certs now function as expected when the operator transitions from a removed to a managed state.
      Show
      The console redirect service had the same service ca controller annotation as the console service. This caused the service CA controller to sometimes incorrectly sync CA certs for these services, and the console would not function correctly after removing and reinstalling. We updated the console operator to remove this service ca annotation from the console redirect service as it was unnecessary. The console services and CA certs now function as expected when the operator transitions from a removed to a managed state.
    • Bug Fix
    • In Progress

      Description of problem:

      When console with custom route is disabled before cluster upgrade, and re-enabled after cluster upgrade, console could not be accessed successfully.

      Version-Release number of selected component (if applicable):

      4.13.0-0.nightly-2023-02-15-111607

      How reproducible:

      Always

      Steps to Reproduce:

      1. Launch a cluster with available update.
2. Create custom route for console in ingress configuration:
# oc edit ingresses.config.openshift.io cluster
spec:
  componentRoutes:
  - hostname: console-openshift-custom.apps.qe-413-0216.qe.devcluster.openshift.com
    name: console
    namespace: openshift-console
  - hostname: openshift-downloads-custom.apps.qe-413-0216.qe.devcluster.openshift.com
    name: downloads
    namespace: openshift-console
  domain: apps.qe-413-0216.qe.devcluster.openshift.com
3. After custom route is created, access console with custom route.
4. Remove console by setting managementState as Removed in console operator:
# oc edit consoles.operator.openshift.io cluster
spec:
  logLevel: Normal
  managementState: Removed
  operatorLogLevel: Normal
5. Upgrade cluster to a target version.
6. Enable console by setting managementState as Managed in console operator:
# oc edit consoles.operator.openshift.io cluster
spec:
  logLevel: Normal
  managementState: Managed
  operatorLogLevel: Normal
7. After console resources are created, access console url.

      Actual results:

      3. Console could be accessed through custom route.
4. Console resources are removed. And all cluster operators are in normal status
# oc get all -n openshift-console
No resources found in openshift-console namespace.

      5. Upgrade succeeds, all cluster operators are in normal status
      6. Console resources are created:

      1. oc get all -n openshift-console
        NAME READY STATUS RESTARTS AGE
        pod/console-69d88985b-bvh46 1/1 Running 0 3m41s
        pod/console-69d88985b-fwhjf 1/1 Running 0 3m41s
        pod/downloads-6b6b555d8d-kn822 1/1 Running 0 3m49s
        pod/downloads-6b6b555d8d-wp6zc 1/1 Running 0 3m49s

      NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
      service/console ClusterIP 172.30.226.112 <none> 443/TCP 3m50s
      service/console-redirect ClusterIP 172.30.147.151 <none> 8444/TCP 3m50s
      service/downloads ClusterIP 172.30.251.248 <none> 80/TCP 3m50s

      NAME READY UP-TO-DATE AVAILABLE AGE
      deployment.apps/console 2/2 2 2 3m47s
      deployment.apps/downloads 2/2 2 2 3m50s

      NAME DESIRED CURRENT READY AGE
      replicaset.apps/console-69d88985b 2 2 2 3m42s
      replicaset.apps/console-6dbdd487d 0 0 0 3m47s
      replicaset.apps/downloads-6b6b555d8d 2 2 2 3m50s

      NAME HOST/PORT PATH SERVICES PORT TERMINATION WILDCARD
      route.route.openshift.io/console console-openshift-console.apps.qe-413-0216.qe.devcluster.openshift.com console-redirect custom-route-redirect edge/Redirect None
      route.route.openshift.io/console-custom console-openshift-custom.apps.qe-413-0216.qe.devcluster.openshift.com console https reencrypt/Redirect None
      route.route.openshift.io/downloads downloads-openshift-console.apps.qe-413-0216.qe.devcluster.openshift.com downloads http edge/Redirect None
      route.route.openshift.io/downloads-custom openshift-downloads-custom.apps.qe-413-0216.qe.devcluster.openshift.com downloads http edge/Redirect None

      7. Could not open console url successfully. There is error info for console operator:

      1. oc get co | grep console
        console 4.13.0-0.nightly-2023-02-15-202607 False False False 42s RouteHealthAvailable: route not yet available, https://console-openshift-custom.apps.qe-413-0216.qe.devcluster.openshift.com returns '503 Service Unavailable'
      2. oc get clusterversions.config.openshift.io
        NAME VERSION AVAILABLE PROGRESSING SINCE STATUS
        version 4.13.0-0.nightly-2023-02-15-202607 True False 4h48m Error while reconciling 4.13.0-0.nightly-2023-02-15-202607: the cluster operator console is not available

      Expected results:

      7. Should be able to access console successfully.

      Additional info:

            rh-ee-jonjacks Jon Jackson
            rhn-support-yanpzhan Yanping Zhang
            Yanping Zhang Yanping Zhang
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated: