I have created an ingress controller configuration with following path definitions:
paths:
- path: (USA)/my-app/(.*)$
...............
- path: (UK)/my-app/(.*)$
The problem happening here is when I don't set the following annotation;
nginx.ingress.kubernetes.io/session-cookie-path
I get regular expression in INGRESSCOOKIE path as:
cookie-name: INGRESSCOOKIE --------cookie-path: /(USA)/my-app/(.*)$
This is coming from the given path i.e. /(USA)/my-app/(.*)$.
As a result this response cookie from Ingress doesn't go back to Ingress for any subsequent request for http://USA/my-app/?id=1. (as HTTP request path differs from path in INGRESSCOOKIE)
And because of this HTTP request at times hit a different upstream server and user logs out; as session id in request is generated by a different server managed through the same load balancer.
I then tried setting annotation as:
nginx.ingress.kubernetes.io/session-cookie-path= /$1/my-app
But $1 doesn't actually resolve here; probably we cant give expressions in session-cookie-path.
Is there anything I am not doing in a right way here? Or, I should try something else to achieve session affinity.
Thanks
I know this is pretty old but wanted to share my view anyway.
For your issue, you might want to try the following annotation: nginx.ingress.kubernetes.io/use-regex
Please remove "session-cookie-path" from annotations as Session Cookie Paths doesn't support regex
For more information, please visit below links:
https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#use-regex
https://kubernetes.github.io/ingress-nginx/user-guide/ingress-path-matching/
https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#cookie-affinity
Related
We decided to move from the subdomain structure to one root domain with path prefixes, but we got many old URLs on the internet. So is there any way to add a redirect from the old URL to the new one?
For example,
We got subdomain test.example.com switched to example.com/test, I can access correctly site with the string in docker-swarm YAML file
traefik.frontend.rule: Host:example.com;PathPrefixStrip:/test
but when I'm trying to add to Traefik config redirects like:
[http.middlewares]
[http.middlewares.test-redirectregex.redirectRegex]
regex = "^https://(*).example.com/)"
replacement = "^https://example.com/${1}"
Traefik says that it doesn't know where to forward this request
If I'm trying to add:
traefik.frontend.rule: Host:test.example.com,example.com;PathPrefixStrip:/test
Traefik adds a prefix to both hosts. Is there any way to resolve this without adding a second reverse proxy?
Assuming that you are using Traefik 2.1, you can use the below middleware for Traefik
[http.middlewares]
[http.middlewares.blog-redirect.redirectRegex]
regex = "^(https?://)(.*).example.com/(.*)$"
replacement = "${1}example.com/${2}/${3}"
permanent = true
The important step to activate the above middleware is to add the below label on the corresponding router and service. For instance, if you a a blog service and you defined a blog router for it, then you need to add the below table to the services
traefik.http.routers.blog.middlewares=blog-redirect
In addition, your route rule should look like the below rule to be able to handle both domains (or you define multiple routes per service)
- traefik.http.routers.blog.rule=Host(`example.com`) && Path(`/test`) || Host(`api.example.com``)
in this post, you can find more info about traffic and redirection
I am working on a kubernetes cluster and problem faced is:
From UI/browser, I can see it is sending a request header called "request_id" please refer to image:
But while checking on backend it is unavailable. While searching through internet, I could see that people are talking about adding following entry to Ingress object:
nginx.ingress.kubernetes.io/configuration-snippet: |
proxy_set_header request_id "$req_id";
But it is generating a new value for this and not passing value submitted by browser.
Any ideas, what might be missing here?
If you want to pass a custom header to your backend, you need to use this kind of annotation:
nginx.ingress.kubernetes.io/configuration-snippet: |
more_set_headers "Request-Id: $request_id
In your configuration you are using the variable $req_id, but you need to pass the variable sent by UI/browser.
Basically, ingress-nginx-controller drops any request headers that contains "_" in them. You can find various threads which discuss this issue like,
Why HTTP servers forbid underscores in HTTP header names
So, I just enabled ingress controller to pass such request headers. This can be done by adding following entry to configmap "nginx-configuration"
data:
enable-underscores-in-headers: "true"
IMO, this is a much clean solution as there could be many applications that might use "_" in request headers.
I am working on a flow where I have ng4+boot app running on https://host_a:8080 and a backend service at https://host_b:8080 with some APIs.
I have RestController/Path at both the hosts, i.e. I need some urls to hit localhost (host_a) and others to host_b.
In application.yml, I have tried almost all possible combinations of Zuul routes but still getting 404 for all host_b rest APIs. host_a APIs work well.
Note: We have this working when there is no rest API on host_a and no custom filter on host_a.
Is there something wrong working with filter? I don't see any log from zuul filter now after I added this controller to host_a
I am aware that I can use forward property to route to localhost which works well. But somehow host_b rest all gives 404 error.
My implementation requirements-
http://host_a:8080/api/abc/user to hit at localhost i.e. host_a
http://host_a:8080/api/xyz/getall to hit at host_b
Important- Need a custom zuul filter which adds certain headers to request before it's routed to host_b as explained in point 2. - Already at place, but cannot see logs inside it now.
What I tried already-
zuul:
routes:
xyz:
path: /api/xyz/**
url: http://host_b:8080/api/xyz
I tried almost everything, using prefix, strip-prefix, only host in url, using forward for local routing, etc. Nothing works.
Kindly help me with the possible causes I may be ignoring or if missing something?
Thanks in advance.
Finally, I was able to resolve issues.
1. I had to change jersey #Path to spring #RestController
2. Changed Zuul Filter order from 1 to 999.
Works well now.
Using omnibus gitlab 9.2.
Action: As a non-logged-in user, attempt a request for a public project that doesn't exist (at least not publicly).
Result: Receive a 302 redirect to /users/sign_in from nginx.
What I'd like to see: Receive a 302 redirect to /public (or wherever, for that matter)
What I've tried without success: Adding this to gitlab.rb:
nginx['custom_gitlab_server_config'] = "try_files $uri $uri/ /public;\n\nfastcgi_intercept_errors on;\n\n"
I couldn't find the explicit redirect in any nginx conf, so I guess it's in Rails. I'll peruse that code.
This is actually a custom HA configuration with the gitlab nodes behind haproxy fronts. I thought about possibly doing something on the fronts, but couldn't come up with anything.
Thanks!
Edit:
I see now that replacing the unmatched_route line in routes.rb with:
get '*unmatched_route', to: redirect('/public'), via: :all
does what I need, but I'd of course want to make that change persistent. Is that possible?
yesterday i switched my sites to a new server. now i have a problem, because one domain i now run as a subdomain, was previously accessed as a subfolder and a few sites, which I have no access to, are still using that domain.com/subfolder/?some=parameters
so, long story short:
i need to update my nginx config file, to redirect my users from domain.com/subfolder/?some=parameters to subfolder.domain.com/?some=parameters
i searched for a solution for that problem yesterday, but couldn't fix the problem.
currently i have this in my conf file:
location /subfolder/ {
rewrite ^/subfolder(/.*)$ http://subfolder.domain.com$1 permanent;
}
which obviously redirects all requests from domain.com/subfolder/?some=parameters to subfolder.domain.com/?some=parameters, but requests to domain.com/subfolder/styles.css aren't redirected.
I think this is due to a conflicting location directive for specific static file extensions in your nginx config. I was able to get your rule to work by making it use a regular expression which influences the priority.
location ~ /subfolder/.* {
rewrite ^/subfolder(/.*)$ http://subfolder.domain.com$1 permanent;
}
See the details about the location directive, especially the rules and examples there about precedence.