Getting empty reply from server when trying to request from one pod to another within the cluster #6758
@manuasir please complete the issue template when opening an issue. Please check and post the ingress-nginx pod logs.
Apologies for that; I've already updated the issue with more information from the template. Since each node runs a pod, I've checked the logs of all the ingress-nginx pods. They all look the same: the requests that went fine are logged, but the failing ones don't appear in the logs at all, as if they never reached the pod.
Please update to the latest version, v0.43.0.
That looks correct. How did you install the ingress controller?
I followed this guide.
I'm performing curls from one pod to another.
I'm curling the service's DNS name from within the cluster. I have an NLB and a Route 53 record pointing to it. I'm going to update to the latest version and then try again, thanks!
@manuasir please add
@manuasir from the provided information I don't see anything related to the ingress controller itself.
Maybe this is related to a networking issue between the LB and the node(s) where the ingress controller pod is running. To check this, please enable the LB access logs (S3 bucket) by adding the following annotations to the ingress-nginx service:
Wait until the LB configuration is updated and then run the test. From the logs in S3, you should be able to see whether the issue occurs on a particular target (node) and also get more details about the error.
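For reference, a sketch of what those access-log annotations typically look like. The annotation keys are the AWS cloud provider's access-log keys; the Service name, namespace, bucket name, and interval below are all placeholder assumptions, not values from this thread:

```yaml
# Fragment only: add under the ingress-nginx Service's metadata.
# Names assume the standard ingress-nginx deploy manifests; adjust to your install.
apiVersion: v1
kind: Service
metadata:
  name: ingress-nginx-controller
  namespace: ingress-nginx
  annotations:
    # Enable LB access logging and ship logs to an S3 bucket (placeholder name)
    service.beta.kubernetes.io/aws-load-balancer-access-log-enabled: "true"
    service.beta.kubernetes.io/aws-load-balancer-access-log-emit-interval: "5"
    service.beta.kubernetes.io/aws-load-balancer-access-log-s3-bucket-name: "my-lb-logs-bucket"
    service.beta.kubernetes.io/aws-load-balancer-access-log-s3-bucket-prefix: "ingress-nginx"
```

The access-log entries record per-target results, which is what lets you attribute failures to a specific node.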
@manuasir were you able to find a solution for this issue? I'm facing the same issue you have described. I don't want to open another ticket since this one is still open and related to my current issue as well. Here is my current configuration.
@aledbf any guidance would be much appreciated.
We have not been able to solve this yet.
This seems to be related to `use-proxy-protocol`, which needs to be turned on for requests coming through the NLB, but it fails for requests from a pod to itself, even when going through the NLB.
Could it be that the NLB fails to pass proxy-protocol data when the request comes from the same host the pod is running on? ... 🤔
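For context, enabling proxy protocol on an NLB setup involves two pieces that must be switched on together; if nginx expects the PROXY header and some path doesn't send it (e.g. a hairpinned same-node request), the connection is dropped. The names below assume the standard ingress-nginx deploy manifests:

```yaml
# ingress-nginx ConfigMap: tell nginx to parse the PROXY protocol header
apiVersion: v1
kind: ConfigMap
metadata:
  name: ingress-nginx-controller
  namespace: ingress-nginx
data:
  use-proxy-protocol: "true"
---
# Service annotation: ask AWS to send PROXY protocol to all backends
apiVersion: v1
kind: Service
metadata:
  name: ingress-nginx-controller
  namespace: ingress-nginx
  annotations:
    service.beta.kubernetes.io/aws-load-balancer-proxy-protocol: "*"
```

If only one side is enabled, every request on the mismatched path fails, which is consistent with the intermittent "Empty reply from server" symptom when only some paths hairpin.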
If you are facing this problem, could you run the following steps and provide the data they produce?
Or you can adapt the above steps for the test below:
Hi @manuasir @JihadMotii-REISys can you guys confirm that the issue still exists with newer versions of ingress-nginx? |
Anyone end up figuring this one out? |
We resolved this by disabling NLB Client IP Preservation.
Hi, can you close this issue and come talk about it on kubernetes.slack.com in the ingress-nginx-users channel? There are many developers and engineers who may have insight, and not all of them would be looking here. /remove-kind bug
/close Feel free to reopen this one or submit a new issue.
@iamNoah1: Closing this issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
@sharms if I may ask here: how do you disable NLB Client IP Preservation? Ingress annotations? LB config?
@benbonnet - Here was the code from the time:
|
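The original snippet was not preserved in this thread. As a hedged sketch only, and not necessarily what @sharms used: with the AWS Load Balancer Controller (v2.x assumed) managing the Service, client IP preservation on the NLB target group is commonly disabled via the target-group-attributes annotation:

```yaml
# Assumption: AWS Load Balancer Controller v2.x provisions this Service's NLB.
# Service name/namespace are placeholders from the standard deploy manifests.
apiVersion: v1
kind: Service
metadata:
  name: ingress-nginx-controller
  namespace: ingress-nginx
  annotations:
    # Turn off client IP preservation on the NLB target group
    service.beta.kubernetes.io/aws-load-balancer-target-group-attributes: "preserve_client_ip.enabled=false"
```

The same attribute can also be set directly on the target group in the AWS console or via the ELBv2 API, outside of Kubernetes.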
Deploy the ingress-nginx pods on a different Kubernetes node group.
Thank you so much @sharms, we were stuck on this problem for months.
Thanks @sharms for the info.
We resolved this by enabling Proxy protocol v2.
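For readers landing here: "Proxy protocol v2" is an NLB target-group attribute (`proxy_protocol_v2.enabled` in the ELBv2 API). A hedged sketch of setting it through the AWS Load Balancer Controller annotation follows; the Service name/namespace are assumptions, and ingress-nginx must additionally have `use-proxy-protocol: "true"` in its ConfigMap so nginx parses the header:

```yaml
# Assumption: AWS Load Balancer Controller v2.x manages this Service's NLB.
apiVersion: v1
kind: Service
metadata:
  name: ingress-nginx-controller
  namespace: ingress-nginx
  annotations:
    # Send PROXY protocol v2 headers to the targets
    service.beta.kubernetes.io/aws-load-balancer-target-group-attributes: "proxy_protocol_v2.enabled=true"
```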
NGINX Ingress controller version: 0.32.0

Kubernetes version (use `kubectl version`): 1.18

Environment:

- `uname -a`: Linux ip-10-2-5-110.eu-west-1.compute.internal 4.14.209-160.335.amzn2.x86_64 #1 SMP Wed Dec 2 23:31:46 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

What happened:

I'm currently in an EKS environment, using a private node group (three private subnets within the VPC, which I connect to through a VPN). After setting up the ingress controller, everything seems to work fine. When connected to the VPC, the requests to my services behind the LB work; there is no loss. I use `curl` for testing purposes and all the requests resolve successfully. The problem comes when curling from one pod to another within the cluster: eventually I get an "Empty reply from server" error. Roughly ~10% of the requests fail.
My architecture is very simple, like the following:
How to reproduce it (as minimally and precisely as possible):

Just attach a shell to any pod within your cluster and `curl` another pod.

Anything else we need to know?:

I'm attaching several configuration files we're currently using.

Environment: EKS
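The reproduction step above can be sketched as a quick failure-rate check run from inside a pod. The service URL is a placeholder assumption; substitute your own in-cluster DNS name:

```shell
# Repeatedly curl a service and count "Empty reply from server" style failures.
# Run this from a shell attached to any pod in the cluster.
url="http://my-service.my-namespace.svc.cluster.local"  # placeholder
total=20
fail=0
for i in $(seq 1 "$total"); do
  # -m 2 bounds each attempt; any non-zero curl exit counts as a failure
  curl -s -m 2 -o /dev/null "$url" || fail=$((fail + 1))
done
echo "failed: $fail/$total"
```

With the issue as described, something on the order of 2 out of 20 attempts would fail even though all targets are healthy.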
What you expected to happen:
All requests should resolve without loss.
Any help would be much appreciated, don't hesitate to ask for any details.
Cheers