The CC health check endpoint is not checking the connection between the router and the enforcer and just returning the success response if the router is up and running.
Steps to Reproduce
Open the docker-compose.yml file and change value under the ENFORCER_PORT of the router config block (Configure 8082. Correct one is 8081). Need to make this change to break the connection between the router and the enforcer pods.
Start up all 3 pods and invoke the health check endpoint. (Will get the 200 response)
curl https://apim:9095/ready -kv
Trying 192.168.1.105:9095...
Connected to apim (192.168.1.105) port 9095 (#0)
ALPN, offering h2
ALPN, offering http/1.1
TLSv1.0 (OUT), TLS header, Certificate Status (22):
TLSv1.3 (OUT), TLS handshake, Client hello (1):
TLSv1.2 (IN), TLS header, Certificate Status (22):
Description
The CC health check endpoint is not checking the connection between the router and the enforcer and just returning the success response if the router is up and running.
Steps to Reproduce
Open the docker-compose.yml file and change value under the ENFORCER_PORT of the router config block (Configure 8082. Correct one is 8081). Need to make this change to break the connection between the router and the enforcer pods.
Start up all 3 pods and invoke the health check endpoint. (Will get the 200 response)
Trying 192.168.1.105:9095...
Connected to apim (192.168.1.105) port 9095 (#0)
ALPN, offering h2
ALPN, offering http/1.1
TLSv1.0 (OUT), TLS header, Certificate Status (22):
TLSv1.3 (OUT), TLS handshake, Client hello (1):
TLSv1.2 (IN), TLS header, Certificate Status (22):
TLSv1.3 (IN), TLS handshake, Server hello (2):
TLSv1.2 (IN), TLS header, Finished (20):
TLSv1.2 (IN), TLS header, Supplemental data (23):
TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
TLSv1.3 (IN), TLS handshake, Certificate (11):
TLSv1.3 (IN), TLS handshake, CERT verify (15):
TLSv1.3 (IN), TLS handshake, Finished (20):
TLSv1.2 (OUT), TLS header, Finished (20):
TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
TLSv1.2 (OUT), TLS header, Supplemental data (23):
TLSv1.3 (OUT), TLS handshake, Finished (20):
SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
ALPN, server did not agree to a protocol
Server certificate:
subject: C=US; ST=CA; L=Mountain View; O=WSO2; OU=WSO2; CN=localhost
start date: Jan 31 17:52:35 2021 GMT
expire date: Jan 29 17:52:35 2031 GMT
issuer: C=US; ST=CA; L=Mountain View; O=WSO2; OU=WSO2; CN=localhost
SSL certificate verify result: self-signed certificate (18), continuing anyway.
TLSv1.2 (OUT), TLS header, Supplemental data (23):
TLSv1.2 (IN), TLS header, Supplemental data (23):
TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
old SSL session ID is stale, removing
TLSv1.2 (IN), TLS header, Supplemental data (23):
Mark bundle as not supporting multiuse < HTTP/1.1 200 OK < content-length: 19 < content-type: text/plain < date: Wed, 04 Oct 2023 09:31:51 GMT < server: envoy <
Connection #0 to host apim left intact {"status": "ready"}
Then invoke the deployed API and able to see the below response in the client side.
Version
1.0.0
Environment Details (with versions)
No response
Relevant Log Output
No response
Related Issues
No response
Suggested Labels
No response