OpenShift Router doesn't work as a delegated gateway

[lahabana]

Description

We doing delegated gateway with OCP router we're having issues linking to an external service.

This seems to be mainly caused by the fact that OCP router supports externalName by resolving externalNames from the controller talking to K8s DNS instead of from the router container (which would have the DNS hijacked). Here's the router config when doing this:

    os_http_be.map
^echo-service-externalname-meshservices\.apps2\.decoste-ocp3\.zfq3\.p1\.openshiftapps\.com\.?(:[0-9]+)?(/.*)?$ be_http:meshservices:echo-service-externalname

    haproxy.config
    backend be_http:meshservices:echo-service-externalname
  mode http
  option redispatch
  option forwardfor
  balance leastconn

  timeout check 5000ms
  http-request add-header X-Forwarded-Host %[req.hdr(host)]
  http-request add-header X-Forwarded-Port %[dst_port]
  http-request add-header X-Forwarded-Proto http if !{ ssl_fc }
  http-request add-header X-Forwarded-Proto https if { ssl_fc }
  http-request add-header X-Forwarded-Proto-Version h2 if { ssl_fc_alpn -i h2 }
  http-request add-header Forwarded for=%[src];host=%[req.hdr(host)];proto=%[req.hdr(X-Forwarded-Proto)]
  cookie d69046a1208e8bef7698305f97bd6b20 insert indirect nocache httponly

Note: this results in a backend configuration without a server field which causes the Router to be unable to route requests as there is no set of target IPs.

Possible fixes:

1. Our mesh ips should be stable (This would be beneficial anyway as stated in #4295), if this is done the user would manually populate the service with an endpoint which is this vip.
2. Manually create this service with custom endpoints or populate the K8s DNS record with our vips.
3. OpenShift router should resolve ips from the router rather than from the controller.

[github-actions[bot]]

This issue was inactive for 30 days it will be reviewed in the next triage meeting and might be closed. If you think this issue is still relevant please comment on it promptly or attend the next triage meeting.

[github-actions[bot]]

This issue was inactive for 30 days it will be reviewed in the next triage meeting and might be closed. If you think this issue is still relevant please comment on it promptly or attend the next triage meeting.

[github-actions[bot]]

This issue was inactive for 90 days. It will be reviewed in the next triage meeting and might be closed. If you think this issue is still relevant, please comment on it or attend the next triage meeting.

[github-actions[bot]]

This issue was inactive for 90 days. It will be reviewed in the next triage meeting and might be closed. If you think this issue is still relevant, please comment on it or attend the next triage meeting.

[github-actions[bot]]

This issue was inactive for 90 days. It will be reviewed in the next triage meeting and might be closed. If you think this issue is still relevant, please comment on it or attend the next triage meeting.

[github-actions[bot]]

This issue was inactive for 90 days. It will be reviewed in the next triage meeting and might be closed. If you think this issue is still relevant, please comment on it or attend the next triage meeting.

[github-actions[bot]]

This issue was inactive for 90 days. It will be reviewed in the next triage meeting and might be closed. If you think this issue is still relevant, please comment on it or attend the next triage meeting.

[github-actions[bot]]

This issue was inactive for 90 days. It will be reviewed in the next triage meeting and might be closed. If you think this issue is still relevant, please comment on it or attend the next triage meeting.

[slonka]

Haven't seen any PRs related to OpenShift Router - removing stale.

[github-actions[bot]]

This issue was inactive for 90 days. It will be reviewed in the next triage meeting and might be closed. If you think this issue is still relevant, please comment on it or attend the next triage meeting.

[github-actions[bot]]

This issue was inactive for 90 days. It will be reviewed in the next triage meeting and might be closed. If you think this issue is still relevant, please comment on it or attend the next triage meeting.