Using the latest version of microk8s and trying to set up load balancer to headless service running in the cluster, this is what I have:
$ k get all -n ingress
NAME READY STATUS RESTARTS AGE
pod/nginx-ingress-microk8s-controller-9m59x 1/1 Running 21 (134m ago) 118d
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/svc-metallb LoadBalancer 10.152.183.27 192.168.1.77 80:30155/TCP,443:31357/TCP 90m
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
daemonset.apps/nginx-ingress-microk8s-controller 1 1 1 1 1 <none> 118d
$ k get ingress
NAME CLASS HOSTS ADDRESS PORTS AGE
ingress public * 127.0.0.1 80 111m
$ k describe ingress
Name: ingress
Labels: app=ingress
Namespace: default
Address: 127.0.0.1
Ingress Class: public
Default backend: <default>
Rules:
Host Path Backends
---- ---- --------
*
/aspnetcorewebapi(/|$)(.*) svc-aspnetcorewebapi:443 (10.1.207.217:443,10.1.207.220:443)
Annotations: kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/rewrite-target: /$2
nginx.ingress.kubernetes.io/ssl-redirect: false
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Sync 7s (x12 over 86m) nginx-ingress-controller Scheduled for sync
$ k get svc
svc-aspnetcorewebapi ClusterIP None <none> 443/TCP 16d
ingress.yml:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress
namespace: default
annotations:
nginx.ingress.kubernetes.io/ssl-redirect: "false"
nginx.ingress.kubernetes.io/rewrite-target: /$2
labels:
app: ingress
spec:
ingressClassName: public
rules:
- host:
http:
paths:
- pathType: Prefix
path: /aspnetcorewebapi(/|$)(.*)
# path: /aspnetcorewebapi
backend:
service:
name: svc-aspnetcorewebapi
port:
number: 443
svc-metallb.yml:
apiVersion: v1
kind: Service
metadata:
name: svc-metallb
namespace: ingress
spec:
selector:
name: nginx-ingress-microk8s
type: LoadBalancer
externalTrafficPolicy: Cluster
# loadBalancerIP is optional. MetalLB will automatically allocate an IP
# from its pool if not specified. You can also specify one manually.
# loadBalancerIP: x.y.z.a
ports:
- name: http
protocol: TCP
port: 80
targetPort: 80
- name: https
protocol: TCP
port: 443
targetPort: 443
Ingress controller log:
[nginx-ingress-microk8s-controller-9m59x] 2022/07/03 08:47:50 [error] 20225#20225: *1345350 upstream prematurely closed connection while reading response header from upstream, client: 192.168.1.77, server: _, request: "GET /aspnetcorewebapi HTTP/2.0", upstream: "http://10.1.207.217:443/", host: "localhost"
[nginx-ingress-microk8s-controller-9m59x] 2022/07/03 08:47:50 [error] 20225#20225: *1345350 upstream prematurely closed connection while reading response header from upstream, client: 192.168.1.77, server: _, request: "GET /aspnetcorewebapi HTTP/2.0", upstream: "http://10.1.207.220:443/", host: "localhost"
[nginx-ingress-microk8s-controller-9m59x] 2022/07/03 08:47:50 [error] 20225#20225: *1345350 upstream prematurely closed connection while reading response header from upstream, client: 192.168.1.77, server: _, request: "GET /aspnetcorewebapi HTTP/2.0", upstream: "http://10.1.207.217:443/", host: "localhost"
[nginx-ingress-microk8s-controller-9m59x] 192.168.1.77 - - [03/Jul/2022:08:47:50 0000] "GET /aspnetcorewebapi HTTP/2.0" 502 150 "-" "curl/7.81.0" 39 0.002 [default-svc-aspnetcorewebapi-443] [] 10.1.207.217:443, 10.1.207.220:443, 10.1.207.217:443 0, 0, 0 0.000, 0.000, 0.000 502, 502, 502 02f391a2e049f1c2e4ab8d9dff31effb
I get 502 Bad Gateway response. Any advice and insight is appreciated.
CodePudding user response:
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" does the job!