You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
Enforcer container fails to start without sites configured. NginxIC container also fails to start, waiting for the enforcer container.
To Reproduce
Deploy the Helm chart with Nginx App Protect V5 enabled, but no resources that uses the WAF. That is, no VirtualServer with apBundle.
Expected behavior
We expect the nginx ic and the enforcer container to start without errors, even when no virtualserver with WAF is deployed.
Your environment
Version of the Ingress Controller - 3.6.0, with Helm chart 1.3.0
Version of Kubernetes: 1.29.9
Kubernetes platform: AKS
Using NGINX Plus
Additional context
Log from the enforcer container:
│ setting memory control callbacks for XML │
│ BD_MISC|CRIT |Aug 13 13:16:22.079|0013|/builds/6x631E1L/0/waf/waf-general/secore/bd/bd/manifest_listener.cpp:0198|failed to get manifest last modification time, err: No such fil │
│ Timeout detected while waiting for configuration. time since last config: 40 BD aborting │
│ BD_MISC|WARN |Aug 13 13:16:22.080|0013|/builds/6x631E1L/0/waf/waf-general/secore/bd/bd/manifest_listener.cpp:0199|Timeout detected while waiting for configuration. time since la │
│ │
│ BD_MISC|ERR |Aug 13 13:16:22.081|0013|/builds/6x631E1L/0/waf/waf-general/secore/bd/bd/manifest_listener.cpp:0114|failed opening manifest out file. path=/opt/app_protect/bd_conf │
│ 2024/08/13 13:16:22 Execution failed: exit status 1
The text was updated successfully, but these errors were encountered:
Hi folks @anderius@janibashamd
We've been in contact with the team that owns the development of this component of AppProtect v5. They are working on ensure the waf-enforcer wont crash in this scenario.
As soon as we have more info, we'll share it in this thread.
Describe the bug
Enforcer container fails to start without sites configured. NginxIC container also fails to start, waiting for the enforcer container.
To Reproduce
Deploy the Helm chart with Nginx App Protect V5 enabled, but no resources that uses the WAF. That is, no VirtualServer with apBundle.
Expected behavior
We expect the nginx ic and the enforcer container to start without errors, even when no virtualserver with WAF is deployed.
Your environment
Additional context
Log from the enforcer container:
The text was updated successfully, but these errors were encountered: