Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Nginx 503 error why trying rewrite ingress address #11192

Open
ZrytyADHD opened this issue Apr 2, 2024 · 8 comments
Open

Nginx 503 error why trying rewrite ingress address #11192

ZrytyADHD opened this issue Apr 2, 2024 · 8 comments
Labels
lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. needs-kind Indicates a PR lacks a `kind/foo` label and requires one. needs-priority needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. triage/needs-information Indicates an issue needs more information in order to work on it.

Comments

@ZrytyADHD
Copy link

Hi, I have a question anyone have a issue with redirecting to NGINX Ingress from F5 or Haproxy ?
I need to rewrite address from app1.kube-dev.example.com which is served by NGINX with TLS to app1-dev.example.com on haproxy
Configuration is OK app1.kube-dev.example.com work like a charm but when I try to access it with address from haproxy app1-dev.example.com i get 503 error.
What shoud I configure to get it work. This config is required to expose my app to internet.
@k8s-ci-robot k8s-ci-robot added the needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. label Apr 2, 2024
@k8s-ci-robot
Copy link
Contributor

This issue is currently awaiting triage.

If Ingress contributors determines this is a relevant issue, they will accept it by applying the triage/accepted label and provide further guidance.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@k8s-ci-robot k8s-ci-robot added needs-kind Indicates a PR lacks a `kind/foo` label and requires one. needs-priority labels Apr 2, 2024
@longwuyuan
Copy link
Contributor

not tested or supported. check the https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/ information

@ZrytyADHD
Copy link
Author

not tested or supported. check the https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/ information

Ok but it is a simple redirect in my opinion.
My ingress address is : https://app1.kube-dev.example.com/
My Haproxy/F5 adress is : https://app1-dev.example.com/

So when user enter in web browser https://app1-dev.example.com/ shoud be redirected thru haproxy/f5 to address
https://app1.kube-dev.example.com/ and be able to see application page but we got 503.

@longwuyuan
Copy link
Contributor

longwuyuan commented Apr 3, 2024 via email

@strongjz
Copy link
Member

strongjz commented Apr 3, 2024

Are you using this project ingress-nginx controller for the redirects or F5 nginx controller?

@longwuyuan can you follow up with a close if this is not needed

/triage needs-information

@k8s-ci-robot k8s-ci-robot added the triage/needs-information Indicates an issue needs more information in order to work on it. label Apr 3, 2024
@ZrytyADHD
Copy link
Author

ZrytyADHD commented Apr 3, 2024
edited

Are you using this project ingress-nginx controller for the redirects or F5 nginx controller?

@longwuyuan can you follow up with a close if this is not needed

/triage needs-information

I have a Tanzu Cluster and installed Nginx Ingress Controller on it. F5 or Haproxy are external.

The trafic look like:
User-> Address on F5/Haproxy -> Ingress Address from Nginx Controller.-> Service - > App in Pod

After few experiments I was able to run this with haproxy ingress controller and I think the problem is with ports which are used in service and haproxy configuration:
http Listening port is 80 and Target is 8080
https Listening port 443 and Target port is 8443

Haproxy backend is set to port 443.

I don't tell anything about rest of the setup.
Configuration:
Tanzu Kubernetes Cluster - TKGs with NSX Load Balancer.

EDIT:
Additional info which can help:

I'm using Nginx with specific IP for exampler 10.1.1.10 and when try to rewrite address
https://app1.kube-dev.example.com to https://app1-dev.example.com it always point me to page which is displayed by kubernetes internal proxy : https:ingress-nginx-controller:443/proxy/

So I think I need some rule or DNS entry. I use wildcard certificate kube-dev.example.com pointing IP. 10.1.1.10 maybe this is a problem.

@strongjz
Copy link
Member

Can you put in a rewrite or a redirect at the haproxy level?

@github-actions GitHub Actions
Copy link

This is stale, but we won't close it automatically, just bare in mind the maintainers may be busy with other tasks and will reach your issue ASAP. If you have any question or request to prioritize this, please reach #ingress-nginx-dev on Kubernetes Slack.

@github-actions github-actions bot added the lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. label May 27, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. needs-kind Indicates a PR lacks a `kind/foo` label and requires one. needs-priority needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. triage/needs-information Indicates an issue needs more information in order to work on it.
Projects
[sig-network] Ingress-Nginx
Status: No status
Milestone
No milestone
Development

No branches or pull requests
4 participants
@strongjz @longwuyuan @k8s-ci-robot @ZrytyADHD