Uploaded image for project: 'RH-SSO'
  1. RH-SSO
  2. RHSSO-2300

[RH-SSO 7.6.X OpenShift templates] Equip RH-SSO OpenShift templates also spawning a DB pod with default generic DB connection validation checker

    XMLWordPrintable

Details

    • False
    • None
    • False
    • Workaround Exists
    • Hide

      Deploy a custom DB connection validation checker manually after spawning the RH-SSO & DB pods from the particular template.

      Show
      Deploy a custom DB connection validation checker manually after spawning the RH-SSO & DB pods from the particular template.
    • Hide

      How Reproducible:
      Always

      Steps To Reproduce:

      1. # Deploy RH-SSO pod from some template spawning also an accompanied DB pod.
      2. Bring the DB pod down (e.g. by scaling it down to zero)
      3. Liveness probes on the RH-SSO pod will still return "HTTP 200/OK" status even when the DB pod is down.

      Current Result:
      Liveness probe on RH-SSO pod returns "HTTP 200/OK" status even when the DB pod is down / unreachable.

      Expected Result:
      The RH-SSO pod should promptly detect the DB connection is lost and apply appropriate corrective measures.

      Show
      How Reproducible: Always Steps To Reproduce: # Deploy RH-SSO pod from some template spawning also an accompanied DB pod. Bring the DB pod down (e.g. by scaling it down to zero) Liveness probes on the RH-SSO pod will still return "HTTP 200/OK" status even when the DB pod is down. Current Result: Liveness probe on RH-SSO pod returns "HTTP 200/OK" status even when the DB pod is down / unreachable. Expected Result: The RH-SSO pod should promptly detect the DB connection is lost and apply appropriate corrective measures.
    • CIAM Sprint 25, CIAM Sprint 28

    Description

      Originally initiated by SSOSUP-100 report the RH-SSO OpenShift templates, which besides provisioning a RH-SSO pod also deploy a DB pod, so far doesn't implement a DB connection validation checker. This results in a situation, when the liveness probe on the RH-SSO pod is still returning "HTTP 200/OK" status even with a "database lost" issue.

       

      To improve the UX in this kind of situations, and prevent from templates failure in these specific cases, we should follow the articles about setting DB connection validation checkers by default in the templates:

      and regardless of the underlying DB driver used in the deployments, deploy a default generic DB connection validation checker, which is able to detect the DB malfunction on the remote end.

      For example, even for the Oracle JDBC driver, there's an article / guidance on how to implement a lightweight DB connection socket validation checker:

      using the generic "org.jboss.jca.adapters.jdbc.extensions.novendor.JDBC4ValidConnectionChecker".

      Together with this implementation, we will provide an OpenShift guide update, clarifying on how to switch the default DB connection validation checker to be DB provider specific if desired.

       

      Attachments

        Activity

          People

            rh_vmuzikar Václav Muzikář
            rhn-jlieskov Ján Lieskovský
            Votes:
            1 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: