TAP GUI pages (SupplyChain, RRV, etc) show "No records to display" intermittently after scaling out TAP-GUI server instances
Article ID: 297881
Updated On:
Products
VMware Tanzu Application Service for VMs
Issue/Introduction
- Some TAP GUI pages (SupplyChain, RRV, etc) show "No records to display" intermittently however this is not a truth as it can be confirmed there are existing workload resources via command tanzu apps workload list -A
- This issue happens intermittently and the GUI pages are able to display the resources by attempting another login
- This issue starts to happen after scaling out the tap-gui server instances (This can be achieved by setting replica numbers for tap-gui server)
- This issue happens intermittently and the GUI pages are able to display the resources by attempting another login
- This issue starts to happen after scaling out the tap-gui server instances (This can be achieved by setting replica numbers for tap-gui server)
tap_gui:
deployment:
replicas: 3
- When the TAP-GUI pages are not functioning:
- When the TAP-GUI pages are functioning:
Environment
Product Version: 1.3
Resolution
The root cause of the issue is that the sessions are not shared across server instances, so if the authentication is enabled for TAP GUI, then scaling out the server instances will make the requests in a round-robin fashion. A successful login can be routed to an instance that is not logged in so the pages will display no records.
Currently the Tanzu Application Platform product team is still working on a permanent fix. Contour's Session Affinity can be utilized to mitigate the issue before the fix is released. With this method, the same logged-in user will be routed to the same server instance.
1. Create the following overlay to enable Session Affinity for HTTPProxy in TAP GUI
Currently the Tanzu Application Platform product team is still working on a permanent fix. Contour's Session Affinity can be utilized to mitigate the issue before the fix is released. With this method, the same logged-in user will be routed to the same server instance.
1. Create the following overlay to enable Session Affinity for HTTPProxy in TAP GUI
$ cat EOF > tap-gui-session-affinity.yaml
#@ load("@ytt:overlay", "overlay")
#@overlay/match by=overlay.subset({"kind":"HTTPProxy","metadata":{"name":"tap-gui"}})
---
spec:
routes:
#@overlay/match by=overlay.subset({"services": [{"name": "server"}]})
- services: []
#@overlay/match missing_ok=True
loadBalancerPolicy:
strategy: Cookie
EOF
2. Create a Secret for the overlay
$ kubectl -n tap-install create secret generic tap-gui-session-affinity \ -o yaml \ --dry-run=client \ --from-file=tap-gui-session-affinity.yaml\ | kubectl apply -f-3. Set the secret name of the created overlay to package_overlays in tap-values.yaml as follows:
package_overlays: - name: tap-gui secrets: - name: tap-gui-session-affinity4. Update the tap package
$ tanzu package installed update -n tap-install tap -f tap-values.yaml
Feedback
Yes
No
Powered by
