Cannot get multi-path working #1120
Comments
|
In an interesting twist, I switch the services. It invokes both services for the path root. But:
I could work around the second problem by giving each service a context path if the health checks didn't require a 200 from the root. |
By default you get a GCE ingress controller running. Because of this:
|
|
I found a workaround. Using these paths works: Note that I clicked on every link in the Node app and couldn't locate a single 404! YAY! curl seemed happy, too. The question I have is how come I couldn't find an example using a wildcard in the path in all the documentation on Ingress? The only reason I thought of it was because I figured out that GKE was using GCE URL Maps under the hood, and learned that it supports wild cards. I did locate these discussions, which leave this as an open issue. It has just been a long 10+ hour confusing ride due to documentation not being clear on this. And, to be sure, Google is #1 to earn credit here because I started out with and learned about Ingress from their GKE Setting up HTTP Load Balancing with Ingress documentation where their fanout example shows a root and a context under it pointing to two services WITHOUT asterisks! That was the example I started with, and the config I have been trying to get working. They really do need to update that page, and explain the impact of having or not having a wild card. Hopefully, someone finds this issue in the first hour of their Ingress adventure. :) |
|
I am facing the same issue using Nginx Ingress on AWS. Unfortunately it took me 10+ hours to find this thread. :( |
|
I sorted out by adding nginx.ingress.kubernetes.io/rewrite-target annotation. I'm using LetsEncrypt and not allowing http, but https. apiVersion: extensions/v1beta1 |
|
I have a similar issue with Azure AKS (v1.9.6) and a nginx (nginx-ingress-controller-0.15.0) : I want to have different paths to route requests to different backends. The following configuration works, but when I request "https://xxx/iv-da/swagger", the /swagger/v0/swagger.json AJAX call makes a request to "https://xxx/swagger/v0/swagger.json" without the "iv-da" context. How could it keep the context for each backend's inside requests ? |
|
In my case, I had two services, one running at / and another at /ui . I tried several combinations and the only one that worked with K8s 1.10 was http://mydomain.com/* http://mydonain.com/ui/app/index.html Note that for service 2, my tomcat was also initialising at /ui , so the rewrite-target did the trick otherwise, I had to add two "ui" to my url like http://mydonain.com/ui/ui/app/index.html |
@erik777
|
|
@lemonshow remove |
|
It works now! |
|
Maybe I missed somewhere, why I can see the default backend status(I have 2 instances in 2 zones) showing one healthy, one unhealthy in the AWS NLB? |
|
@mleneveut Did you figure out your issue yet? I am also interested in this. I'm serving a web application with socket connections and am unable to get socket.io requests to persist the proper url after using the rewrite target annotation. |
|
@dolphub I ended up doing this : And for the swagger problem, it is inside the code that we need to force the context, it is not an ingress problem. Hope it helps. |
|
Hi, I have the Nginx Ingress running without issues in Production and HTTPS by using LetsEncrypt certificates: I set up a quick repo with the resources I used for the production environment. You need to replace the "test" subdomain with your own and set up the SSL certificates. Hope it helps. |
to make matter worse for me, I had |
|
@nimendra Thank you for leaving that comment! We too had this, which was working until we upgraded from an old ingress-nginx version (0.9.0-beta.11 -> 0.22.0): After many hours, I found your comment and changed to this, which works: |
|
Refer to Step 6 : Serving Multiple Applications on a Load Balancer on this Google Kubernetes Engine tutorial on Setting up HTTP Load Balancing with Ingress. It exactly answers the questions raised in this thread. To route path Ensure that backend services respond with a In our case, we have a So, in our Hope this helps. |
|
Ingress version 0.22.0 or higher has changed the way how rewrite-target works. |
|
In my case, I based my solution in this tutorial and I have the following:
The only way it worked for me was creating 2 ingress, because If I use My solution:
I attached full ingress file yaml. Hope it helps and thank you so much, this thread helped me a lot! |
|
@felipecrescencio if you create 2 ingress, do you have to pay for 2 load balancers in GCP? |
@LorenzoR no with ingress-nginx |
|
If you are using v0.22+, you need to use capture groups. https://kubernetes.github.io/ingress-nginx/examples/rewrite/#rewrite-target apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: ingress-rules
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/rewrite-target: /$2
certmanager.k8s.io/cluster-issuer: letsencrypt-prod
spec:
tls:
- hosts:
- dl-web.stg.myhost.org
secretName: letsencrypt-prod
rules:
- host: dl-web.stg.myhost.org
http:
paths:
- path: /
backend:
serviceName: dl-web
servicePort: 80
- path: /api(/|$)(.*)
backend:
serviceName: dl-api
servicePort: 3000 |
|
I as well can confirm that I spent upwards of 8 hours on the same issue. Using /* instead of / was the solution. |
|
Everyone is saying that using /* or /api/* works, but it's not working for me. This is my ingress def: apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: hmc-ingress
namespace: hmc
spec:
tls:
- hosts:
- hmc.gms.ca
secretName: ssl-secret
rules:
- host: hmc.gms.ca
http:
paths:
- path: /hmc-shell/*
backend:
serviceName: hmc-shell-service
servicePort: 80when I go to https://hmc.gms.ca/hmc-shell I end up getting the default http backend and not the service running on hmc-shell-service. Argh!! What am I doing wrong? Update: I've tried pouring over the nginx documentation, and using a regex: apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: hmc-ingress
namespace: hmc
annotations:
nginx.ingress.kubernetes.io/use-regex: "true"
nginx.ingress.kubernetes.io/rewrite-target: /$1$2$3
spec:
tls:
- hosts:
- hmc.gms.ca
secretName: ssl-secret
rules:
- host: hmc.gms.ca
http:
paths:
- path: /(hmc-shell)(/|$)(.*)
backend:
serviceName: hmc-shell-service
servicePort: 80gives me this really weird nginx.conf: What's with the ${literal_dollar} in the location path? Is that an nginx thing? |
Yesss! This worked for me Thanks you!! |
|
I will add my two cents here, even though my issue was a "user problem", but in case anyone generates their YAML using envsubst they might encounter this which took me a while to find and fix. When using So you need to be careful if using envsubst at any dollar sign in the YAML file which will be replaced as it looks like a variable. |
|
@bedeabza here's an esoteric trick for you (bash) to envsubst only exported vars that start with
$ cat in
my $_BAR
not $foo
$ export _BAR=bar
$ envsubst "$(printf '${%s} ' ${!_*})" < in > out
$ cat out
my bar
not $fooCan't recall where I learnt the incantation but I hope it helps |
Could you share the ingress config, I am getting same error(404 error not found). |
and others
I have tried every configuration in the universe.
"work": Can access all URLs without an error in multiple browsers and with curl.
"does not work": Sends back 404 or 502 errors. If you refresh on some URLs with some configs, it can toggle between 3 different error results, two are different 404s.
I have two backend services. They work consistently with port-forward, LoadBalance in the service, and basic ingress without paths.
I get the root to map, but not any service below that in the path.
What I want is "/" to route to a node app in nginx and "/service2" and subsequent services to route to various services used by that app. I couldn't even get "/service1" and "/service2" working without the root path, which matched the examples. I tried following every example, then experimented into the unknown. No matter what I did, no path other than the root one would map successfully to a service.
I am running K8S 1.6.7 on GKE. Having
ingress.kubernetes.io/rewrite-target: /doesn't help. When these errors occur, it is simply not getting to the service.When I am inside a pod, I can curl port 80 of a service no problem.
curl -v http://myservicereturns the expected 200. When I get a 200, on the node app, I get a log from nginx.Note that I did not create any controllers. I am just using
gce. Nevertheless, I tried addingkubernetes.io/ingress.class: "gce"with no effect.I spent over 8 hours trying every possibility I could think of. I deleted and re-created the ingress probably 100-200 times. I even deleted and re-created the cluster.
Going back to the original configuration, where you cannot access either service via the Ingress LB, you consistently get 404 when trying to access the service. I have noticed it is slightly different when I include a slash at the end. Without it, it returns this to curl:
When I add a slash, I get that with the content
default backend - 404. E.g.,Here is the original multi-path config:
This basic config works no matter which service I point it to:
It is only multi-path with anything other than
path: /that does not work.Thank you in advance for your help.
The text was updated successfully, but these errors were encountered: