I've been using minikube and this yml file:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress-service
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/use-regex: "true"
nginx.ingress.kubernetes.io/rewrite-target: /$1
spec:
rules:
- http:
paths:
- path: /?(.*)
pathType: Prefix
backend:
service:
name: client-cluster-ip
port:
number: 3000
- path: /api/?(.*)
pathType: Prefix
backend:
service:
name: server-cluster-ip
port:
number: 5000
I've installed helm on my GKE cluster and installed ingress-nginx via helm following their directions here.
I kubectl apply my k8s and they all spin up besides the ingress-service from the file above.
Any help is much appreciated.
I've tried this:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: ingress-service
namespace: my-ingress-nginx
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/use-regex: "true"
nginx.ingress.kubernetes.io/ssl-redirect: "false"
nginx.ingress.kubernetes.io/rewrite-target: /$1
spec:
rules:
- http:
paths:
- path: /*
backend:
serviceName: client-cluster-ip
servicePort: 3000
- path: /api/*
backend:
serviceName: server-cluster-ip
servicePort: 5000
I'm really stuck here. Not seeing ingress-service show up like I would in minikube and I have no idea why.
server-cluster-ip:
apiVersion: v1
kind: Service
metadata:
name: server-cluster-ip
spec:
type: ClusterIP
selector:
component: server
ports:
- port: 5000
targetPort: 5000
client-cluster-ip:
apiVersion: v1
kind: Service
metadata:
name: client-cluster-ip
spec:
type: ClusterIP
selector:
component: web
ports:
- port: 3000
targetPort: 3000
The deployments and the clusterIp services above are being applied to the cluster but the ingress-service to direct traffic to them is not.
Services:
NAME TYPE
client-cluster-ip ClusterIP
kubernetes ClusterIP
my-ingress-nginx-controller LoadBalancer
my-ingress-nginx-controller-admission ClusterIP
postgres-cluster-ip ClusterIP
redis-cluster-ip ClusterIP
server-cluster-ip ClusterIP
the my-ingress-nginx-controller and my-ingress-nginx-controller-admission was created when I did helm install my-ingress-nginx ingress-nginx/ingress-nginx
Why can't I create an ingress service?
I realized I needed to open port 8443 from the documentation.
So I went to the firewall list in google cloud. Found the rules that had tcp:80,443 in the Protocols / ports. Clicked it, clicked edit and added 8443 to it.
I had an error after but this fixed it:
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: ingress-resource
annotations:
kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/use-regex: "true"
nginx.ingress.kubernetes.io/ssl-redirect: "false"
nginx.ingress.kubernetes.io/rewrite-target: /$1
spec:
rules:
- http:
paths:
- path: /?(.*)
backend:
serviceName: client-cluster-ip
servicePort: 3000
- path: /api/?(.*)
backend:
serviceName: server-cluster-ip
servicePort: 5000
Notice I changed * for ?(.*)
Related
I have a cluster IP service and a Ingress. What should my custom domain name point to if I need to route traffic using Ingress? Backend is plain http.
Do I have to create a AWS Loadbalancer with target groups pointing to k8s nodes? And use domain alias pointing to aws loadbalancer? I was reading this K8s article and they're pointing to a subdomain.
Ingress.yaml:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
creationTimestamp: "2022-08-05T00:50:41Z"
generation: 1
labels:
app: testing
name: httpd
namespace: default
spec:
rules:
- host: www.example.com
http:
paths:
- backend:
service:
name: httpd
port:
number: 8080
path: /
pathType: ImplementationSpecific
tls:
- hosts:
- www.example.com
secretName: tls-secret
status:
loadBalancer: {}
service.yaml:
kind: Service
metadata:
creationTimestamp: "2022-08-05T00:50:41Z"
labels:
app: testing
name: httpd
namespace: default
spec:
clusterIP: 100.65.xxx.xx
clusterIPs:
- 100.65.xxx.xx
internalTrafficPolicy: Cluster
ipFamilies:
- IPv4
ipFamilyPolicy: SingleStack
ports:
- name: http
port: 8080
protocol: TCP
targetPort: 8080
selector:
name: httpd
sessionAffinity: None
type: ClusterIP
status:
loadBalancer: {}
Yes you have to create the Load Balancer however that will auto managed by the K8s service.
You can use the Nginx or other ingress controller as per requirement.
You can checkout this Nice official doc from AWS : https://aws.amazon.com/blogs/opensource/network-load-balancer-nginx-ingress-controller-eks/
Once you deploy the Nginx ingress controller it will manage the ingress resource and the Nginx controller will get the public LB.
Example :
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: example-ingress
annotations:
nginx.ingress.kubernetes.io/ssl-redirect: "false"
nginx.ingress.kubernetes.io/force-ssl-redirect: "false"
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
tls:
- hosts:
- anthonycornell.com
secretName: tls-secret
rules:
- host: anthonycornell.com
http:
paths:
- path: /apple
backend:
serviceName: apple-service
servicePort: 5678
- path: /banana
backend:
serviceName: banana-service
servicePort: 5678
I am new to K8s and learning the concepts.
I need to achieve the following requirements using nginx-ingress in K8s
Whenever we receive request to abc.com/api it should get redirected to example.com/api, if the request is not from whitelisted IP range.
Kindly assist me with suggestions or feedback on this.
Thank you
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.allow-http: "false"
kubernetes.io/ingress.class: nginx
meta.helm.sh/release-name: static-web
meta.helm.sh/release-namespace: default
nginx.ingress.kubernetes.io/rewrite-target: /404.html
nginx.ingress.kubernetes.io/ssl-redirect: "true"
labels:
app.kubernetes.io/managed-by: Helm
name: internal-ingress
namespace: default
spec:
rules:
- host: abc.com
http:
paths:
- backend:
service:
name: nginx-svc
port:
number: 8000
path: /api/user-service
pathType: Prefix
- backend:
service:
name: nginx-svc
port:
number: 8000
path: /api/notification-service
pathType: Prefix
tls:
- hosts:
- abc.com
secretName: ingress-secret-tls
I’m using AWS EKS with aws load balancer controller. I have created five services and deployments and make a single ingress file. The deployment has done successfully but when i access ALB-URL with below mentioned paths in ingress file. It gives me 404 error. But the when i used EXTERNALIP:PORT/PATH it’s working fine. How can I fix the issue ?
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
namespace: ee-be
name: ee-ingress
annotations:
# Ingress Core Settings
kubernetes.io/ingress.class: "alb"
alb.ingress.kubernetes.io/scheme: internet-facing
# Health Check Settings
alb.ingress.kubernetes.io/healthcheck-protocol: HTTP
alb.ingress.kubernetes.io/healthcheck-port: '8012'
alb.ingress.kubernetes.io/healthcheck-path: /
alb.ingress.kubernetes.io/healthcheck-interval-seconds: '15'
alb.ingress.kubernetes.io/healthcheck-timeout-seconds: '5'
alb.ingress.kubernetes.io/success-codes: '200'
alb.ingress.kubernetes.io/healthy-threshold-count: '2'
alb.ingress.kubernetes.io/unhealthy-threshold-count: '2'
spec:
rules:
- http:
paths:
- path: /rwds/*
backend:
serviceName: ee-rwds
servicePort: 8012
- path: /point/*
backend:
serviceName: ee-pe
servicePort: 8013
- path: /user-mgt/*
backend:
serviceName: ee-um
servicePort: 8014
Perhaps you have a ClusterIP service instead an ExternalName service.
ExternalName service example:
apiVersion: v1
kind: Service
metadata:
name: my_service_name
namespace: my_ingress_namespace
spec:
externalName: my_service_name.my_service_namespace_name.svc.cluster.local
ports:
- port: 80
protocol: TCP
targetPort: 80
sessionAffinity: None
type: ExternalName
status:
loadBalancer: {}
I am still struggling with kubernetes.
I have issue with preserving request IP address on service for logging purposes. Logging is done with GRPC server. This code is working outside kubernetes as intended.
Service is defined similar to this.
apiVersion: v1
kind: Service
metadata:
annotations: {}
labels:
name: grpc-api
name: grpc-api
namespace: myns
spec:
ports:
- name: ext-5000
port: 5000
targetPort: 5000
- name: grpc-5050
port: 5050
targetPort: 5050
selector:
name: grpc-api
type: ClusterIP
Ingress is:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
certmanager.k8s.io/cluster-issuer: letsencrypt-myns
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/backend-protocol: GRPC
nginx.ingress.kubernetes.io/service-upstream: "true"
nginx.ingress.kubernetes.io/ssl-redirect: "true"
labels:
name: api-grpc
name: api-grpc
namespace: myns
spec:
rules:
- host: api.example.org
http:
paths:
- backend:
serviceName: grpc-api
servicePort: 5000
path: /
tls:
- hosts:
- api.example.org
secretName: grpc-api-ingress-cert
Documentation mentions externalTrafficPolicy: Local in service, where type is LoadBalancer. Would it be enough to add parameter above to ClusterIP type service or do I have to change it to something else?
Thank you in advance.
I have two services running:
$kubectl get services
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 49m
shiny NodePort 10.110.49.57 <none> 3838:30240/TCP 34m
web NodePort 10.98.56.71 <none> 80:31758/TCP 39m
And the following ingress:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: test-ingress
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/rewrite-target: /
nginx.ingress.kubernetes.io/ssl-redirect: "false"
spec:
rules:
- http:
paths:
- path: /*
backend:
serviceName: web
servicePort: 80
- path: /shiny/*
backend:
serviceName: shiny
servicePort: 3838
I get the behavior I want from shiny if I access it directly through minikube service shiny:
After applying the ingress, the subdomains stop working:
Why does this happen?
I would like to access stuff in shiny, from web, through url's.
Eg. <iframe src=.../shiny/test1></iframe>.
The following yaml adjustments solved the problem:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: test-ingress
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/rewrite-target: /$2
nginx.ingress.kubernetes.io/ssl-redirect: "false"
spec:
rules:
- http:
paths:
- path: /*
backend:
serviceName: web
servicePort: 80
- path: /shiny(/|$)(.*)
backend:
serviceName: shiny
servicePort: 3838
Source: https://kubernetes.github.io/ingress-nginx/examples/rewrite/
Edit:
The above led to more trouble down the line. In the end, I went with the following ingress config:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: test-ingress
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/ssl-redirect: "false"
nginx.ingress.kubernetes.io/configuration-snippet: |
rewrite /$1 break;
rewrite /shiny/(.*) /$1 break;
spec:
rules:
- http:
paths:
- path: /
backend:
serviceName: web
servicePort: 80
- path: /shiny
backend:
serviceName: shiny
servicePort: 3838
Nginx uses regex for matching the paths/locations of your requests. Try changing:
/shiny/* to /shiny/.*