Infinite loop if we change the URL of the consolePublicURL and MAsterPublicURL to use the route address
cmoulliard opened this issue · comments
When we create an Openshift route to expose the WebConsole, in order to resolve the address using an external DNS, as such
apiVersion: route.openshift.io/v1
kind: Route
metadata:
labels:
app: openshift-web-console
name: admin
namespace: openshift-web-console
spec:
host: admin-openshift-web-console.192.168.99.50.nip.io
port:
targetPort: https
tls:
termination: passthrough
to:
kind: Service
name: webconsole
weight: 100
wildcardPolicy: None
next reconfigure the configMap of the webconsole to use the Route Address
oc get configmap/webconsole-config -o yaml
apiVersion: v1
data:
webconsole-config.yaml: |
apiVersion: webconsole.config.openshift.io/v1
clusterInfo:
consolePublicURL: https://admin-openshift-web-console.192.168.99.50.nip.io/console/
loggingPublicURL: ''
logoutPublicURL: ''
masterPublicURL: https://admin-openshift-web-console.192.168.99.50.nip.io
metricsPublicURL: ''
extensions:
properties: {}
scriptURLs: []
stylesheetURLs: []
features:
clusterResourceOverridesEnabled: false
inactivityTimeoutMinutes: 0
kind: WebConsoleConfiguration
servingInfo:
bindAddress: 0.0.0.0:8443
bindNetwork: tcp4
certFile: /var/serving-cert/tls.crt
clientCA: ''
keyFile: /var/serving-cert/tls.key
maxRequestsInFlight: 0
namedCertificates: null
requestTimeoutSeconds: 0
kind: ConfigMap
modify the Oauthclient resource
[root@cloud ~]# oc get OAuthClient/openshift-web-console -o yaml
apiVersion: oauth.openshift.io/v1
grantMethod: auto
kind: OAuthClient
metadata:
name: openshift-web-console
redirectURIs:
- https://admin-openshift-web-console.192.168.99.50.nip.io/console
and recreate a new pod
oc scale --replicas=0 deploy/webconsole
oc scale --replicas=1 deploy/webconsole
Then, when we access the web console, the screen is looping continusouly
and the log of the webconsole's pod reports this error
W0518 08:10:08.940019 1 start.go:93] Warning: config.clusterInfo.loggingPublicURL: Invalid value: "": required to view aggregated container logs in the console, web console start will continue.
--
| W0518 08:10:08.940336 1 start.go:93] Warning: config.clusterInfo.metricsPublicURL: Invalid value: "": required to view cluster metrics in the console, web console start will continue.
| I0518 08:10:09.256195 1 start.go:201] OpenShift Web Console Version: v3.9.0+b600d46-dirty
| I0518 08:10:09.256502 1 serve.go:89] Serving securely on 0.0.0.0:8443
| I0518 08:10:19.139673 1 logs.go:41] http2: server: error reading preface from client 10.128.0.1:33750: read tcp4 10.128.0.17:8443->10.128.0.1:33750: read: connection reset by peer
| I0518 08:10:19.342687 1 logs.go:41] http2: server: error reading preface from client 10.128.0.1:33754: read tcp4 10.128.0.17:8443->10.128.0.1:33754: read: connection reset by peer
| I0518 08:10:19.704623 1 logs.go:41] http2: server: error reading preface from client 10.128.0.1:33746: read tcp4 10.128.0.17:8443->10.128.0.1:33746: read: connection reset by peer
| I0518 08:10:37.052718 1 logs.go:41] http2: server: error reading preface from client 10.128.0.1:33796: read tcp4 10.128.0.17:8443->10.128.0.1:33796: read: connection reset by peer
Web Console - Javascript reports API discovery error
You need to set up the corsAllowedOrigins
to allow access from the console route's domain. See the corsAllowedOrigins
discussion in
https://docs.openshift.org/latest/architecture/infrastructure_components/web_console.html#overview
We should do better than loop infinitely, but this will fix the problem.
The infinite loop problem is tracked by openshift/origin-web-console#2758
/close