Redirect to https does not replace the http port correctly when specifying use-port-in-redirects in configmap #1882
Comments
|
@cristic83 please use |
|
Please reopen if the issue persists after the update |
|
Hi, the issue persists with version 0.304:
< HTTP/1.1 308 Permanent Redirect |
|
Hi @aledbf, I am not allowed to reopen the issue, so this is just to let you know that the issue stil isn't fixed in the version 0.304, as described in the above comment. |
|
@cristic83 please use |
|
@aledbf : The issue is still not fixed in version 0.307. The error is the same as above. By looking at the commit, we think that the issue is that the variable best_http_host (its value is "my-domain:8080") is used when the https redirect is required. |
|
@valentinabojan an you post the configuration you are using? This is the output using the flag --https-port=1234 $ curl -v http://$(minikube ip):31527 -H 'Host: echoheaders.uswest2-01.rocket-science.io'
* Rebuilt URL to: http://192.168.99.100:31527/
* Trying 192.168.99.100...
* TCP_NODELAY set
* Connected to 192.168.99.100 (192.168.99.100) port 31527 (#0)
> GET / HTTP/1.1
> Host: echoheaders.uswest2-01.rocket-science.io
> User-Agent: curl/7.55.1
> Accept: */*
>
< HTTP/1.1 308 Permanent Redirect
< Date: Wed, 17 Jan 2018 12:28:08 GMT
< Content-Type: text/html
< Content-Length: 180
< Connection: keep-alive
< Location: https://echoheaders.uswest2-01.rocket-science.io:1234/
< Strict-Transport-Security: max-age=15724800; includeSubDomains;
<
<html>
<head><title>308 Permanent Redirect</title></head>
<body bgcolor="white">
<center><h1>308 Permanent Redirect</h1></center>
<hr><center>nginx</center>
</body>
</html>
* Connection #0 to host 192.168.99.100 left intact |
|
@aledbf Here are the arguments used to run the ingress controller: |
|
@valentinabojan can you post a curl request please? |
|
curl http://my-domain:8080/health -v |
|
@valentinabojan thanks |
|
@aledbf : I suppose that testing with: -H 'Host: echoheaders.uswest2-01.rocket-science.io' in the curl request prevents the bug from appearing, because the http port is not present there. |
|
@aledbf Indeed, @cristic83 is right. Adding the Host header makes the request to return the expected result, while not adding the Host header reproduces the bug. Below I will add the two scenarios:
|
|
@valentinabojan @cristic83 please use |
|
@aledbf Unfortunately, version 0.309 doesn't solve our issue. Executing **curl http://my-domain:8080/health -v ** still results into the same wrong location: |
|
@valentinabojan @cristic83 please use |
That was the issue. The best_http_host contained the host + port. |
|
@aledbf Indeed, the last version solved our issue. Thank a lot for your help! |
NGINX Ingress controller version:
quay.io/aledbf/nginx-ingress-controller:0.296
Kubernetes version (use kubectl version):
oc v3.6.1+008f2d5
kubernetes v1.6.1+5115d708d7
Environment:
Cloud provider or hardware configuration: AWS
OS (e.g. from /etc/os-release):
NAME="Red Hat Enterprise Linux Server"
VERSION="7.2 (Maipo)"
ID="rhel"
ID_LIKE="fedora"
VERSION_ID="7.2"
PRETTY_NAME="Red Hat Enterprise Linux Server 7.2 (Maipo)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:redhat:enterprise_linux:7.2:GA:server"
HOME_URL="https://www.redhat.com/"
BUG_REPORT_URL="https://bugzilla.redhat.com/"
REDHAT_BUGZILLA_PRODUCT="Red Hat Enterprise Linux 7"
REDHAT_BUGZILLA_PRODUCT_VERSION=7.2
REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux"
REDHAT_SUPPORT_PRODUCT_VERSION="7.2"
Kernel (e.g. uname -a):
Linux ip-10-0-110-21.eu-west-1.compute.internal 3.10.0-327.el7.x86_64 #1 SMP Thu Oct 29 17:29:29 EDT 2015 x86_64 x86_64 x86_64 GNU/Linux
Install tools:
OpneShift
What happened:
Using a configuration map specified with the config flag --configmap that contains use-port-in-redirects: "true", the nginx-ingress controller doesn't work properly:
`curl http://my-domain:8080/health -v
Trying 127.0.0.1...
Connected to my-domain (127.0.0.1) port 8080 (#0)
GET /health HTTP/1.1
Host: my-domain:8080
User-Agent: curl/7.47.0
Accept: /
< HTTP/1.1 301 Moved Permanently
< Server: nginx/1.13.7
< Date: Fri, 05 Jan 2018 12:24:51 GMT
< Content-Type: text/html
< Content-Length: 185
< Connection: keep-alive
< Location: https://my-domain:8080:8843/health`
The text was updated successfully, but these errors were encountered: