5

Hope you are all well,

I am currently trying to rollout the awx-operator on to a Kubernetes Cluster and I am running into a few issues with going to the service from outside of the cluster.

Currently I have the following services set up:

NAME                   TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)             AGE
awx                    NodePort    10.102.30.6      <none>        8080:32155/TCP      110m
awx-operator           NodePort    10.110.147.152   <none>        80:31867/TCP        125m
awx-operator-metrics   ClusterIP   10.105.190.155   <none>        8383/TCP,8686/TCP   3h17m
awx-postgres           ClusterIP   None             <none>        5432/TCP            3h16m
awx-service            ClusterIP   10.102.86.14     <none>        80/TCP              121m
kubernetes             ClusterIP   10.96.0.1        <none>        443/TCP             17h

I did set up a NodePort which is called awx-operator. I did attempt to create an ingress to the application. You can see that below:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: awx-ingress
spec:
  rules:
  - host: awx.mycompany.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: awx
            port:
              number: 80

When I create the ingress, and then run kubectl describe ingress, I get the following output:

Name:             awx-ingress
Namespace:        default
Address:
Default backend:  default-http-backend:80 (<error: endpoints "default-http-backend" not found>)
Rules:
  Host               Path  Backends
  ----               ----  --------
  awx.mycompany.com
                     /   awx:80 (10.244.1.8:8080)
Annotations:         <none>
Events:              <none>

Now I am not too sure whether the default-http-backend:80 error is a red-herring as I have seen this in a number of places and they don't seem too worried about it, but please correct me if I am wrong.

Please let me know whether there is anything else I can do to troubleshoot this, and I will get back to you as soon as I can.

Wytrzymały Wiktor
  • 11,492
  • 5
  • 29
  • 37
jacklikethings
  • 73
  • 1
  • 9
  • You can ignore default backend. You probably picked a wrong service/port for the ingress. Try `awx-service` with port `80` or `awx` with port `8080`. – anemyte May 12 '21 at 12:51
  • Thanks for that I will try it now, but before I do. I have seen a couple of places that use `kubectl create` and not `kubectl apply` . What is the difference? – jacklikethings May 12 '21 at 12:56
  • See this answer https://stackoverflow.com/a/47389305/11344502 – anemyte May 12 '21 at 12:57
  • Hi running the ingress on `awx-service` and on port 80 I get the following output when I run `kubectl get ingress`: `NAME CLASS HOSTS ADDRESS PORTS AGE awx-ingress awx.mycompany.com 80 72s` I have a feeling the fact that the address is blank is the issue. – jacklikethings May 12 '21 at 13:03

3 Answers3

2

You are right and the blank address is the issue here. In traditional cloud environments, where network load balancers are available on-demand, a single Kubernetes manifest suffices to provide a single point of contact to the NGINX Ingress controller to external clients and, indirectly, to any application running inside the cluster.

Bare-metal environments on the other hand lack this option, requiring from you a slightly different setup to offer the same kind of access to external consumers:

Bare-metal environment

This means you have to do some additional gymnastics to make the ingress work. And you have basically two main options here (all well described here):

What is happening here is that you basically creating a service type NodePort with selector that matches your ingress controller pod and then it's routes the traffic accordingly to your ingress object:

# Source: ingress-nginx/templates/controller-service.yaml
apiVersion: v1
kind: Service
metadata:
  annotations:
  labels:
    helm.sh/chart: ingress-nginx-3.30.0
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/version: 0.46.0
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/component: controller
  name: ingress-nginx-controller
  namespace: ingress-nginx
spec:
  type: NodePort
  ports:
    - name: http
      port: 80
      protocol: TCP
      targetPort: http
    - name: https
      port: 443
      protocol: TCP
      targetPort: https
  selector:
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/component: controller

Full nginx deployment that conatains that service can be found here.

If you wish to skip the ingress you might be just using the nodePort service awx and reach it directly.

acid_fuji
  • 6,287
  • 7
  • 22
1

I am using Kubernetes 1.22 and the operator version 0.14.0.

I have a Kubernetes baremetal installation and I have to use ingress. The ingress provided with the operator is not compatible with the version of kubernetes I am using so I had to define it myself. I am using Ansible but you could work out the values for the variables :)

---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: {{ awx_deployment_name }}-ingress-unmanaged
  namespace: {{ awx_namespace }}
  annotations:
    nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
    nginx.ingress.kubernetes.io/proxy-send-timeout: "3600"
spec:
  ingressClassName: nginx
  rules:
  - host: {{ awx_host }}
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: {{ awx_deployment_name }}-service
            port:
              number: 80
  tls:
  - hosts:
    - {{ awx_host }}
    secretName: {{ awx_tls_secret}}
Amy
  • 1,114
  • 13
  • 35
Leonardo Marini
  • 11
  • 1
0

you can simply expose the deployment to a service type LoadBalancer

the following command creates a service with a type loadBalancer

kubectl expose deployment awx-demo --port=80 --target-port=8052 --name=awx-lb --type=LoadBalancer

user8832381
  • 191
  • 1
  • 2
  • I tried this and then I see this: `service/awx-lb LoadBalancer 10.43.217.56 80:31572/TCP 53s` and the never changes to an ip. – Red Cricket Dec 05 '22 at 21:00