502 Bad Gateway error on IBM Cloud Private

Problem

A 502 Bad Gateway error is displayed after login to IBM® Cloud Private, even though all pods and services are reporting ready. This is an environment configuration issue. The worker nodes have private IP addresses and are unable to communicate with the public IP addresses of the master/proxy node.

Solution

The worker nodes need access to the public IP addresses of the master/proxy, or the static route must be added.

The following procedure must be performed on each worker node (figures used are for example purposes only):
  1. ip route add 9.46.67.210/32 via 10.21.5.227;ip route add 9.46.67.221/32 via 10.21.5.228
  2. Edit the /etc/rc.local file and add the following routes so that they are persisted on restart:
    ip route add 9.46.67.210/32 via 10.21.5.227
ip route add 9.46.67.221/32 via 10.21.5.228

    The 9.46.67.210 is the public ip of master, 32 is the network segment. 10.21.5.227 is the private ip of the master.

    The 9.46.67.221 is the public ip of proxy, 32 is the network segment. 10.21.5.228 is the private ip of the proxy.