dashboard icon indicating copy to clipboard operation
dashboard copied to clipboard

Published 20 hours ago verified publisher icon rancher

[2.7.0] v2.6.x UI sets wrong cluster: server url

Open gaktive opened this issue 2 years ago • 1 comments

Internal reference: SURE-4775 Reported in 2.6.4+

Issue description: The UI sets wrong cluster for the server URL. This changed behaviour in Rancher v2.6 compared to 2.5 makes extra work because the wrong URL has to be manually corrected by the sysadmins.

Business impact: All the developers who access Rancher via Rancher web interface get the wrong URL in kubectl and cannot access the cluster in kubernetes CLI

Repro steps:

  • Download the KubeConfig in Rancher v2.6.4 UI
  • Select your cluster than click on the "Download KubeConfig" button and save the yaml file.
  • Check the cluster: server URL

Additional details: Because of security and network set up, this reported case has a setup that uses 2 different https endpoints for the rancher web interface / api interface.

Workaround: Manually fix the server via kubectl across all namespaces

Possible fix: Introduce a possibility to determine the server url used when downloading the kubeconfig yourself or to undo the change.

And introduce a global setting "kubeconfig-server-url", which can be determined individually by administrators and, for example, enables a different one address to the global setting "server-url".

Actual behavior:

The previous Rancher version Rancher v2.5.12 UI provided the right server url in KubeConfig file.

The code changes in pkg/api/norman/customization/cluster/actions_kubeconfig.go introduced code change:

host := settings.ServerURL.Get()
        if host == ""

{                 host = apiContext.Request.Host         }
else {
                u, err := url.Parse(host)
                if err == nil

{                         host = u.Host                 }
else

{                         host = apiContext.Request.Host                 }
        }

See changes: https://github.com/rancher/rancher/commit/80e3886567ba4cbb164fedbd9c97bfcec3c5d33e

In Rancher 2.6, this change was introduced and caused the user a major problem when they upgraded from 2.5.12 to 2.6.4.

Since this change, which has been available since 2.6.0, the user setup, which has 2 different addresses, sets the wrong https endpoint, when downloading and creating the Kubeconfig file.

Expected behavior: A global setting "kubeconfig-server-url", which can be determined individually by administrators and, for example, enables a different one address to the global setting "server-url".

gaktive avatar Aug 04 '22 17:08 gaktive

Separate ticket required for a backport for 2.6.8.

gaktive avatar Aug 08 '22 16:08 gaktive

We're pausing on anything here until backend reviews the design around multiple URLs for the same setup.

gaktive avatar Aug 26 '22 23:08 gaktive

This is working as designed. As noted by PM, "Solutions like ACE exist to allow users to set different urls per cluster and should fulfil this need more appropriately than configuring urls in Rancher directly".

gaktive avatar Mar 13 '23 17:03 gaktive