1

I have an ingress defined as:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: foo-ingress
  annotations:
    kubernetes.io/ingress.global-static-ip-name: zaz-address
    kubernetes.io/ingress.allow-http: "false"
    ingress.gcp.kubernetes.io/pre-shared-cert: foo-bar-com

spec:
  rules:
  - host: foo.bar.com
    http:
      paths:
      - path: /zaz/*
        backend:
          serviceName: zaz-service
          servicePort: 8080

Then the service zap-service is a nodeport defined as:

apiVersion: v1
kind: Service
metadata:
  name: zaz-service
  namespace: default
spec:
  clusterIP: 10.27.255.88
  externalTrafficPolicy: Cluster
  ports:
  - nodePort: 32455
    port: 8080
    protocol: TCP
    targetPort: 8080
  selector:
    app: zap
  sessionAffinity: None
  type: NodePort

The nodeport is successfully selecting the two pods behind it serving my service. I can see in the GKE services list that the nodeport has an IP that looks internal.

When I check in the same interface the ingress, it also looks all fine, but serving zero pods.

When I describe the ingress on the other hand I can see:

Rules:
  Host                                    Path  Backends
  ----                                    ----  --------
  foo.bar.com
                                          /zaz/*   zaz-service:8080 (<none>)

Which looks like the ingress is unable to resolve the service IP. What am I doing wrong here? I cannot access the service through the external domain name, I am getting an error 404.

How can I make the ingress translate the domain name zaz-service into the proper IP so it can redirect traffic there?

Navarro
  • 1,284
  • 2
  • 17
  • 40

2 Answers2

1

Seems like the wildcards in the path are not supported yet. Any reason why not using just the following in your case?

spec:
  rules:
  - host: foo.bar.com
    http:
      paths:
      - path: /zaz
        backend:
          serviceName: zaz-service
          servicePort: 8080
Bernard Halas
  • 972
  • 11
  • 24
  • Tried this too, unfortunately it did not help. – Navarro Jan 31 '19 at 18:52
  • 1
    Do you get a response from a default backend when going to `/some-random-path`? (edit - I see you do). Is the app server doing any redirects? If the app server is not aware of the fact that it doesn't run at the root endpoint, it makes redirects with leaving `/zaz` out. Not sure if that is your case. – Bernard Halas Jan 31 '19 at 19:54
  • 1
    Also this might be helpful: https://stackoverflow.com/questions/54274992/k8s-ingress-rule-for-multiple-paths-in-same-backend-service?rq=1 – Bernard Halas Jan 31 '19 at 19:59
  • The app is expecting traffic on `/`, should I change it to expect `zaz/`? – Navarro Jan 31 '19 at 21:51
  • 1
    Either you make the app expect the traffic on `/zaz` or you apply the `rewrite-target` annotation and set the `rewrite-target` to `/`: https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#rewrite Also, are you able to tell from the logs if the 404 is being returned by the default ingress backend? – Bernard Halas Feb 01 '19 at 05:32
1

My mistake was, as expected, not reading the documentation thoroughly.

The port stated in the Ingress path is not a "forwarding" mechanism but a "filtering" one. In my head it made sense that it would be redirecting http(s) traffic to port 8080, which is the one where the Service behind was listening to, and the Pod behind the service too.

Reality was that it would not route traffic which was not port 8080 to the service. To make it cleaner I changed the port in the Ingress from 8080 to 80 and in the Service the front-facing port from 8080 to 80 too.

Now all requests coming from the internet can reach the server successfully.

Navarro
  • 1,284
  • 2
  • 17
  • 40
  • I would recommend posting this type of questions in [ServerFault](https://serverfault.com) as StackOverflow is for Q&A for professional and enthusiast programmers. – Mohibul Mahmud Feb 05 '19 at 21:31