You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
We are running multiple Citrix Ingress controllers in the same cluster, configured with different ingress classes. When we create RewritePolicy CRs, both controllers would attempt to reconcile it even though it's configured with the correct spec.ingressclass
To Reproduce
Deploy 2 Citrix Ingress controllers in the same cluster, one with:
create rewritepolicy CRD with e.g. frontend class -- it will be picked up by the backend controller.
Version of the NetScaler Ingress Controller:1.39.6
Version of VPX: NS13.1 49.13.nc
Version of MPX: NS13.1 51.15.nc
Expected behavior
It should only be picked up by the correct controller.
Logs
both controllers process the same CRD; logs are quite similar; backend:
2024-04-11 12:27:19,798 - INFO - [rewritepolicy.py:validate_add:103] (MainThread) BEGIN VALIDATION for crd autoiceallowlistvpns.fe-nginx of kind rewritepolicy
2024-04-11 12:27:19,799 - INFO - [rewritepolicy.py:validate_add:154] (MainThread) ADD event VALIDATION SUCCESS for crd autoiceallowlistvpns.fe-nginx of kind rewritepolicy
2024-04-11 12:27:19,810 - INFO - [rewritepolicy.py:add_policy_crd:196] (MainThread) ADD event: BEGIN PROCESSING for instance autoiceallowlistvpns.fe-nginx and kind rewritepolicy
2024-04-11 12:27:19,811 - INFO - [referencemanager.py:register_crd_instance:395] (MainThread) Adding new instance for CRD fe-nginx.rewritepolicy.autoiceallowlistvpns
2024-04-11 12:27:19,811 - INFO - [referencemanager.py:register_crd_reference:440] (MainThread) Registering reference: fe-nginx.lbvserver.* Filter: {'k8sservice': 'dev-icekube-nginxfe-controller'}
2024-04-11 12:27:19,811 - INFO - [referencemanager.py:activate_crd:989] (MainThread) Activating CRD fe-nginx.rewritepolicy.autoiceallowlistvpns
2024-04-11 12:27:19,811 - INFO - [rewritepolicy.py:add_spec:950] (MainThread) add_spec called on instance fe-nginx.rewritepolicy.autoiceallowlistvpns
2024-04-11 12:27:19,811 - INFO - [config_dispatcher.py:__dispatch_config_pack:301] (Dispatcher) Processing of ConfigPack '{ID:ReWriteCRD1-add-spec ConfigObjects(4)[ADD_policydataset_autoiceodw2y_crd_rewritepolicy_dataset_autoiceallowlist
2024-04-11 12:27:19,838 - INFO - [referencemanager.py:resolve_references:542] (MainThread) Resolve reference for CRD fe-nginx.rewritepolicy.autoiceallowlistvpns
2024-04-11 12:27:19,838 - INFO - [referencemanager.py:resolve:478] (MainThread) Resolving node fe-nginx.rewritepolicy.autoiceallowlistvpns
2024-04-11 12:27:20,228 - INFO - [config_dispatcher.py:__dispatch_config_pack:355] (Dispatcher) Processing of ConfigPack 'ReWriteCRD1-add-spec' is successful
frontend:
2024-04-11 12:27:19,797 - INFO - [rewritepolicy.py:validate_add:103] (MainThread) BEGIN VALIDATION for crd autoiceallowlistvpns.fe-nginx of kind rewritepolicy
2024-04-11 12:27:19,797 - INFO - [rewritepolicy.py:validate_add:154] (MainThread) ADD event VALIDATION SUCCESS for crd autoiceallowlistvpns.fe-nginx of kind rewritepolicy
2024-04-11 12:27:19,806 - INFO - [rewritepolicy.py:add_policy_crd:196] (MainThread) ADD event: BEGIN PROCESSING for instance autoiceallowlistvpns.fe-nginx and kind rewritepolicy
2024-04-11 12:27:19,806 - INFO - [referencemanager.py:register_crd_instance:395] (MainThread) Adding new instance for CRD fe-nginx.rewritepolicy.autoiceallowlistvpns
2024-04-11 12:27:19,806 - INFO - [referencemanager.py:register_crd_reference:440] (MainThread) Registering reference: fe-nginx.lbvserver.* Filter: {'k8sservice': 'dev-icekube-nginxfe-controller'}
2024-04-11 12:27:19,807 - INFO - [referencemanager.py:activate_crd:989] (MainThread) Activating CRD fe-nginx.rewritepolicy.autoiceallowlistvpns
2024-04-11 12:27:19,807 - INFO - [rewritepolicy.py:add_spec:950] (MainThread) add_spec called on instance fe-nginx.rewritepolicy.autoiceallowlistvpns
2024-04-11 12:27:19,809 - INFO - [config_dispatcher.py:__dispatch_config_pack:301] (Dispatcher) Processing of ConfigPack '{ID:ReWriteCRD1-add-spec ConfigObjects(4)[ADD_policydataset_autoiceodw2y_crd_rewritepolicy_dataset_autoiceallowlist
2024-04-11 12:27:19,836 - INFO - [referencemanager.py:resolve_references:542] (MainThread) Resolve reference for CRD fe-nginx.rewritepolicy.autoiceallowlistvpns
2024-04-11 12:27:19,837 - INFO - [referencemanager.py:resolve:478] (MainThread) Resolving node fe-nginx.rewritepolicy.autoiceallowlistvpns
2024-04-11 12:27:19,837 - INFO - [rewritepolicy.py:reference_resolved:959] (MainThread) fe-nginx.rewritepolicy.autoiceallowlistvpns Reference resolved with kind:lbvserver name:autoiceodw2y-dev-icekube-nginxfe-controller_443_lbv_kqcdw3lhv
2024-04-11 12:27:20,129 - INFO - [config_dispatcher.py:__dispatch_config_pack:355] (Dispatcher) Processing of ConfigPack 'ReWriteCRD1-add-spec' is successful
2024-04-11 12:27:20,130 - INFO - [config_dispatcher.py:__dispatch_config_pack:301] (Dispatcher) Processing of ConfigPack '{ID:ReWriteCRD-create-bindings ConfigObjects(1)[ADD_lbvserver_responderpolicy_binding_autoiceodw2y-dev-icekube-ngin
2024-04-11 12:27:20,284 - INFO - [config_dispatcher.py:__dispatch_config_pack:355] (Dispatcher) Processing of ConfigPack 'ReWriteCRD-create-bindings' is successful
Additional context
The issue might be that kubernetes.crds.RewritepolicyCRD doesn't overwrite is_ingressclass_supported method to return True like other CRDs (e.g. HTTPRoute).
The text was updated successfully, but these errors were encountered:
Describe the bug
We are running multiple Citrix Ingress controllers in the same cluster, configured with different ingress classes. When we create
RewritePolicy
CRs, both controllers would attempt to reconcile it even though it's configured with the correctspec.ingressclass
To Reproduce
Deploy 2 Citrix Ingress controllers in the same cluster, one with:
and other with
create
rewritepolicy
CRD with e.g.frontend
class -- it will be picked up by the backend controller.1.39.6
NS13.1 49.13.nc
NS13.1 51.15.nc
Expected behavior
It should only be picked up by the correct controller.
Logs
both controllers process the same CRD; logs are quite similar; backend:
frontend:
Additional context
The issue might be that
kubernetes.crds.RewritepolicyCRD
doesn't overwriteis_ingressclass_supported
method to returnTrue
like other CRDs (e.g. HTTPRoute).The text was updated successfully, but these errors were encountered: