I run the ingress controller and put one annotation for round_robin algorithm to run. but seems there is no event run there. is it ok if no event in my ingress description? what event indicates there?
# kubectl describe ingress -n ingress
Name: nginx-ingress
Namespace: ingress
Address: 192.168.10.10,192.168.10.45
Default backend: default-http-backend:80 (<error: endpoints "default-http-backend" not found>)
Rules:
Host Path Backends
---- ---- --------
website.com
/ website1:80 (10.42.0.139:80,10.42.1.223:80,10.42.2.98:80 + 1 more...)
/website2 website2:80 (10.42.0.140:80,10.42.1.232:80,10.42.2.74:80 + 1 more...)
/website3 website3:80 (10.42.0.141:80,10.42.1.215:80,10.42.2.58:80 + 1 more...)
Annotations: nginx.ingress.kubernetes.io/load-balance: round_robin
Events: <none>
I deploy my ingress with this bro, and I have my ingress class. update 1.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nginx-ingress
namespace: ingress
annotations:
nginx.ingress.kubernetes.io/load-balance: ewma
spec:
ingressClassName: nginx
rules:
- host: service.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: service1
port:
number: 80
- path: /service2
pathType: Prefix
backend:
service:
name: service2
port:
number: 80
- path: /service3
pathType: Prefix
backend:
service:
name: service3
port:
number: 80
with another annotation i get the event in my ingress
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Sync 25m (x4 over 113m) nginx-ingress-controller Scheduled for sync
Normal Sync 22m (x39 over 7d2h) nginx-ingress-controller Scheduled for sync
Normal Sync 22m (x41 over 7d2h) nginx-ingress-controller Scheduled for sync
Normal Sync 22m (x22 over 5d10h) nginx-ingress-controller Scheduled for sync
Normal Sync 8m42s (x2 over 9m21s) nginx-ingress-controller Scheduled for sync
# kubectl describe ingress -n ingress
Name: nginx-ingress
Namespace: ingress
Address: 192.168.10.10,192.168.10.45
Default backend: default-http-backend:80 (<error: endpoints "default-http-backend" not found>)
Rules:
Host Path Backends
---- ---- --------
website1.com
/ nginx-deployment:80 (10.42.0.222:80,10.42.1.32:80,10.42.2.155:80 + 1 more...)
/website2 nginx-video:80 (10.42.0.220:80,10.42.1.30:80,10.42.2.153:80 + 1 more...)
/website3 nginx-document:80 (10.42.0.221:80,10.42.1.31:80,10.42.2.154:80 + 1 more...)
Annotations: nginx.ingress.kubernetes.io/affinity: cookie
nginx.ingress.kubernetes.io/affinity-mode: persistent
nginx.ingress.kubernetes.io/session-cookie-expires: 172800
nginx.ingress.kubernetes.io/session-cookie-max-age: 172800
nginx.ingress.kubernetes.io/session-cookie-name: route
nginx.ingress.kubernetes.io/upstream-hash-by: ewma
Events: <none>
This means your cluster has no ingress controller installed. When there's a ingress controller (such as ingress-nginx) installed in your cluster, a series of events will triggered to process your ingress request. These events will show in your describe command.
If you do have ingress controller but it is not registered as the default ingress class for your cluster, you can add the annotation kubernetes.io/ingress.class: <name of your IngressClass, example "nginx"> to your ingress spec or:
apiVersion: networking.k8s.io/v1
kind: Ingress
...
spec:
ingressClassName: <name of your IngressClass, example "nginx">
...
in fact, the sync is not always displayed. when we do changes at the beginning the ingress controller does sync. However, after some time the sync will stop automatically.
Related
Created a kubernetes cluster, and installed ingress-nginx controller. I am getting a 404 not found if i go to the ingress-nginx-controller load balancer external ip that is aa************.us-east-1.elb.amazonaws.com
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm repo update
kubectl create namespace ingress-nginx
helm install ingress-nginx -n ingress-nginx ingress-nginx/ingress-nginx
to get the service:
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx-controller LoadBalancer 10.100.219.162 aa************.us-east-1.elb.amazonaws.com 80:32091/TCP,443:32305/TCP 154m
ingress-nginx-controller-admission ClusterIP 10.100.208.135 <none> 443/TCP 154m
my ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: factory
annotations:
kubernetes.io/ingress.class: nginx
spec:
rules:
- host: factory.**.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: factory
port:
number: 80
- host: api.factory.**.com # myfactoryapi-factorydomain.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: factory
port:
number: 8082
all my namespace
kubectl get namespace
NAME STATUS AGE
default Active 34d
ingress-nginx Active 160m
kerberos-factory Active 34d
kube-node-lease Active 34d
kube-public Active 34d
kube-system Active 34d
mongodb Active 8d
to get my ingress
kubectl get ing -n kerberos-factory
NAME CLASS HOSTS ADDRESS PORTS AGE
factory <none> factory.**.com,api.factory.**.com a****.us-east-1.elb.amazonaws.com 80 65m
to describe the ingress
kubectl describe ing -n kerberos-factory
Name: factory
Namespace: kerberos-factory
Address: a********.us-east-1.elb.amazonaws.com
Default backend: default-http-backend:80 (<error: endpoints "default-http-backend" not found>)
Rules:
Host Path Backends
---- ---- --------
factory.***.com
/ factory:80 (192.168.34.220:80)
api.factory.***.com
/ factory:8082 (192.168.34.220:8082)
Annotations: kubernetes.io/ingress.class: nginx
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Sync 3m8s (x3 over 4m51s) nginx-ingress-controller Scheduled for sync
why am i getting 404 not found
I have used the official Kubernetes-dashboard and was trying to setup an ingress for the dashboard. I have tried to put the ingress into the Kubernetes-dashboard namespace, but the ingress won't show up when I tried kubectl get all -n kubernetes-dashboard. I could still describe the ingress in the same namespace using kubectl get ingress -n kubernetes-dashboard, but the annotations shown up <none>. Can anyone please help me?
Here is my yaml file for the ingress:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: dashborad-ingress
namespace: kubernetes-dashboard
spec:
rules:
- host: dashboard.com
http:
paths:
- path: /testpath
pathType: Prefix
backend:
service:
name: kubernetes-dashboard
port:
number: 443
And the output of kubectl desribe ingress -n kubernetes-dashboard
Name: dashborad-ingress
Namespace: kubernetes-dashboard
Address: 192.168.49.2
Default backend: default-http-backend:80 (<error: endpoints "default-http-backend" not found>)
Rules:
Host Path Backends
---- ---- --------
dashboard.com
kubernetes-dashboard:443 (172.17.0.6:8443)
Annotations: <none>
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Sync 4m7s (x5 over 24m) nginx-ingress-controller Scheduled for sync
Any helps would be appreciated.
Annotations displayed as <none> appear to correct behaviour. You haven't defined any in the attached yaml file, so <none> should be displayed.
I have create simple ingress with one annotation to show you how it works. Look at my metadata section:
metadata:
name: my-ingress
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /$1
When I describe my ingress by using command: kubectl describe ingress I have this line in the output:
Annotations: nginx.ingress.kubernetes.io/rewrite-target: /$1
However, I see the problem in a completely different place. When you describe ingress you have this line:
Default backend: default-http-backend:80 (<error: endpoints "default-http-backend" not found>)
The default-backend is responsible to deliver the 404-page-not-found error page when you are trying to access a Service that does not have a rule defined or a Service that has not been configured correctly.
Depending on how you set up the cluster, the solutions may be different. However, if you are using bare metal and Minikube you can try to enable ingress addon:
minikube addons enable ingress
or
minikube addons enable ingress --alsologtostderr
Another solution to this addons:
kubectl apply -f https://raw.githubusercontent.com/roelal/minikube/5093d8b21c0931a6c63fa448538761b4bf100ee0/deploy/addons/ingress/ingress-rc.yaml
kubectl apply -f https://raw.githubusercontent.com/roelal/minikube/5093d8b21c0931a6c63fa448538761b4bf100ee0/deploy/addons/ingress/ingress-svc.yaml
You can also add defaultBackend as a part of your Ingress definition like so
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: default-backend-ingress-example
spec:
defaultBackend:
service:
name: hotel-svc
port:
number: 80
See also:
question on StackOverflow about default http backed
same problem on github
another one
similar topic on linuxfoundation.org
troubleshoouting guide from official documentation
I installed vault helm chart 0.8.0 in dev mode and nginx ingress controller on Kind cluster and applied the following Ingress resource:
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: vault-ingress
annotations:
nginx.ingress.kubernetes.io/use-regex: "true"
spec:
rules:
- host: vault.com
http:
paths:
- path: /v1/*
backend:
serviceName: vault
servicePort: 8200
This is the patch for Kind cluster as noted in https://kind.sigs.k8s.io/docs/user/ingress/:
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
- role: control-plane
kubeadmConfigPatches:
- |
kind: InitConfiguration
nodeRegistration:
kubeletExtraArgs:
node-labels: "ingress-ready=true"
extraPortMappings:
- containerPort: 8200 # Vault port in K8s
hostPort: 80 # Vault port on host
- containerPort: 8200 # Vault port in K8s
hostPort: 443 # Vault port on host
when doing the following curl command I get error:
VAULT_ADDR="http://localhost"
vault login root
Error authenticating: error looking up token: Get "http://localhost/v1/auth/token/lookup-self": read tcp 127.0.0.1:34596->127.0.0.1:80: read: connection reset by peer
Name: vault-ingress
Namespace: vault
Address: localhost
Default backend: default-http-backend:80 (<error: endpoints "default-http-backend" not found>)
Rules:
Host Path Backends
---- ---- --------
vault.com
/v1/* vault:8200 (10.244.1.7:8200)
Annotations: nginx.ingress.kubernetes.io/use-regex: true
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Sync 2m47s (x15 over 10h) nginx-ingress-controller Scheduled for sync
Cluster information:
Installation Method: kubeadm
Kubernetes: 1.19.2
Master & Nodes: Ubuntu 20.04.1 (Oracle Virutalbox)
Docker: 19.03.12
Calico: 3.16.1
Ingress : Bare-metal - 0.40.1
I want to access the Kubernetes dashboard from my laptop using ingress without proxy?
Can anyone help me with the steps... ( I tried multiple ways with the help of the internet... not sure where I am missing?)
Note: As per discussion forums I have added "hostNetwork: true" under the deployment section in ingress YAML to resolve "not working without host parameter" and commented "type: NodePort".
Updated info:
I have created ingress-controller as daemon instead of deployments/pod - this helps in accessing directly with worker IPs. (this is what I am expecting - but unable to access kubernetes dashboard as it is in different namespace)
Ingress yaml: this is running in default namespace
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nginx-ingress
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: kdash-in-ns
port:
number: 443
kdash-in-ns yaml - svc with External Name
kind: Service
apiVersion: v1
metadata:
name: kdash-in-ns
namespace: default
spec:
type: ExternalName
externalName: kubernetes-dashboard.kubernetes-dashboard.svc.cluster.local
ports:
- name: https
port: 443
Below details about kdash-in-ns svc with ExternalName
dockeras#ubuntu3:~/simplek8s/kubernetes/yamls/ingress-demo$ kubectl describe svc kdash-in-ns
Name: kdash-in-ns
Namespace: default
Labels: <none>
Annotations: <none>
Selector: <none>
Type: ExternalName
IP:
External Name: kubernetes-dashboard.kubernetes-dashboard.svc.cluster.local
Port: https 443/TCP
TargetPort: 443/TCP
Endpoints: <none>
Session Affinity: None
Events: <none>
kubectl describe for the updated ingress route: in this i have ngnix - which is working fine (i guess both ingress and nginx are in same namespace.. getting error for dashboard - as it in different namespace (kubernetes-dasbhoard))
dockeras#ubuntu3:~$ kubectl describe ing nginx-ingress
Warning: extensions/v1beta1 Ingress is deprecated in v1.14+, unavailable in v1.22+; use networking.k8s.io/v1 Ingress
Name: nginx-ingress
Namespace: default
Address: 192.168.1.31,192.168.1.32
Default backend: default-http-backend:80 (<error: endpoints "default-http-backend" not found>)
Rules:
Host Path Backends
---- ---- --------
*
/nginx nginx-deploy-main:80 )
/foo kubernetes-dashboard:443 (<error: endpoints "kubernetes-dashboard" not found>)
/dashboard kdash-in-ns:443 (<error: endpoints "kdash-in-ns" not found>)
Annotations: kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/rewrite-target: /$2
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal CREATE 4m40s nginx-ingress-controller Ingress default/nginx-ingress
When I tried the same URLs in browser below are the responses (One of my worker iP - 192.168.1.31)
192.168.1.31/nginx - responds with nginx default page (pod - nginx-deploy-main)
192.168.1.31/foo - error page - 503 service temporarily Unavailable (default nginx)
192.168.1.31/dashboard - 504 Gateway Time-out (default nginx)
running svc, pods:
All Pods and svcs
If I understand correctly, you want to access kubernetes service (dashboard) from outside cluster. You may deploy metallb LoadBalancer and manage a pull of IPs from external cluster network, assigned to your cluster.
So, you can assign an IP and a LoadBalancer through which you will access your service. Below is an example for mssql server, but you can easily adapt it to your needs with dashboard:
apiVersion: v1
kind: Service
metadata:
name: sql-server-lb
namespace: database-server
annotations:
metallb.universe.tf/address-pool: default
spec:
selector:
app: sql-server
ports:
- port: 1433
targetPort: 1433
type: LoadBalancer
https://metallb.universe.tf/
All,
I followed this tutorial: https://github.com/ahmetb/gke-letsencrypt.
I have an ingress setup for kubernetes in Google Cloud, I have a static IP address and the secrets are created.
This is my ingress config:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: helloweb
annotations:
kubernetes.io/ingress.global-static-ip-name: helloweb-ip
certmanager.k8s.io/acme-http01-edit-in-place: "true"
labels:
app: hello
spec:
backend:
serviceName: helloweb-backend
servicePort: 8080
tls:
- secretName: dogs-com-tls
hosts:
- app-solidair-vlaanderen.com
I can access http://app-solidair-vlaanderen.com, but not the https url.
If I call describe ingress I get this output:
Name: helloweb
Namespace: default
Address: 35.190.68.173
Default backend: helloweb-backend:8080 (10.32.0.17:8080)
TLS:
dogs-com-tls terminates app-solidair-vlaanderen.com
Rules:
Host Path Backends
---- ---- --------
app-solidair-vlaanderen.com
/.well-known/acme-challenge/Q8kcFSZ0ZUJO58xZyVbK6s-cJIWu-EgwPcDd8NFyoXQ cm-acme-http-solver-mhqnf:8089 (<none>)
Annotations:
url-map: k8s-um-default-helloweb--17a833239f9491d9
backends: {"k8s-be-30819--17a833239f9491d9":"Unknown","k8s-be-32482--17a833239f9491d9":"HEALTHY"}
forwarding-rule: k8s-fw-default-helloweb--17a833239f9491d9
target-proxy: k8s-tp-default-helloweb--17a833239f9491d9
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal ADD 45m loadbalancer-controller default/helloweb
Normal CREATE 44m loadbalancer-controller ip: 35.190.68.173
Warning Sync 7m (x22 over 28m) loadbalancer-controller Error during sync: error while evaluating the ingress spec: could not find service "default/cm-acme-http-solver-mhqnf"
Does someone know what I'm missing?
You have some mess up in your ingress definition, why the hosts is under the tls?
Here is an example that is working for me:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ .Values.ingressName }}-ingress
annotations:
kubernetes.io/ingress.global-static-ip-name: {{ .Values.staticIpName }}-static-ip
kubernetes.io/ingress.allow-http: "false"
labels:
...
spec:
tls:
- secretName: sslcerts
rules:
- host: {{ .Values.restApiHost }}
http:
paths:
- backend:
serviceName: rest-api-internal-service
servicePort: 80