Home > Back-end >  Microk8s MetalLB ingress headless service - 502 Bad Gateway
Microk8s MetalLB ingress headless service - 502 Bad Gateway

Time:07-05

Using the latest version of microk8s and trying to set up load balancer to headless service running in the cluster, this is what I have:

$ k get all -n ingress
NAME                                          READY   STATUS    RESTARTS        AGE
pod/nginx-ingress-microk8s-controller-9m59x   1/1     Running   21 (134m ago)   118d

NAME                  TYPE           CLUSTER-IP      EXTERNAL-IP    PORT(S)                      AGE
service/svc-metallb   LoadBalancer   10.152.183.27   192.168.1.77   80:30155/TCP,443:31357/TCP   90m

NAME                                               DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR   AGE
daemonset.apps/nginx-ingress-microk8s-controller   1         1         1       1            1           <none>          118d
$ k get ingress
NAME      CLASS    HOSTS   ADDRESS     PORTS   AGE
ingress   public   *       127.0.0.1   80      111m
$ k describe ingress
Name:             ingress
Labels:           app=ingress
Namespace:        default
Address:          127.0.0.1
Ingress Class:    public
Default backend:  <default>
Rules:
  Host        Path  Backends
  ----        ----  --------
  *           
              /aspnetcorewebapi(/|$)(.*)   svc-aspnetcorewebapi:443 (10.1.207.217:443,10.1.207.220:443)
Annotations:  kubernetes.io/ingress.class: nginx
              nginx.ingress.kubernetes.io/rewrite-target: /$2
              nginx.ingress.kubernetes.io/ssl-redirect: false
Events:
  Type    Reason  Age                From                      Message
  ----    ------  ----               ----                      -------
  Normal  Sync    7s (x12 over 86m)  nginx-ingress-controller  Scheduled for sync
$ k get svc
svc-aspnetcorewebapi                         ClusterIP   None             <none>        443/TCP                         16d

ingress.yml:

apiVersion: networking.k8s.io/v1
kind: Ingress 
metadata:
  name: ingress 
  namespace: default 
  annotations:
    nginx.ingress.kubernetes.io/ssl-redirect: "false" 
    nginx.ingress.kubernetes.io/rewrite-target: /$2
  labels: 
    app: ingress 
spec:
  ingressClassName: public
  rules:  
  - host: 
    http:   
      paths:  
      - pathType: Prefix
        path: /aspnetcorewebapi(/|$)(.*)
#        path: /aspnetcorewebapi
        backend:
          service:
            name: svc-aspnetcorewebapi
            port:
              number: 443

svc-metallb.yml:

apiVersion: v1
kind: Service 
metadata:
  name: svc-metallb
  namespace: ingress 
spec:
  selector:
    name: nginx-ingress-microk8s
  type: LoadBalancer
  externalTrafficPolicy: Cluster 
  # loadBalancerIP is optional. MetalLB will automatically allocate an IP 
  # from its pool if not specified. You can also specify one manually.
  # loadBalancerIP: x.y.z.a 
  ports:  
    - name: http
      protocol: TCP
      port: 80
      targetPort: 80
    - name: https
      protocol: TCP
      port: 443
      targetPort: 443

Ingress controller log:

[nginx-ingress-microk8s-controller-9m59x] 2022/07/03 08:47:50 [error] 20225#20225: *1345350 upstream prematurely closed connection while reading response header from upstream, client: 192.168.1.77, server: _, request: "GET /aspnetcorewebapi HTTP/2.0", upstream: "http://10.1.207.217:443/", host: "localhost" 
[nginx-ingress-microk8s-controller-9m59x] 2022/07/03 08:47:50 [error] 20225#20225: *1345350 upstream prematurely closed connection while reading response header from upstream, client: 192.168.1.77, server: _, request: "GET /aspnetcorewebapi HTTP/2.0", upstream: "http://10.1.207.220:443/", host: "localhost" 
[nginx-ingress-microk8s-controller-9m59x] 2022/07/03 08:47:50 [error] 20225#20225: *1345350 upstream prematurely closed connection while reading response header from upstream, client: 192.168.1.77, server: _, request: "GET /aspnetcorewebapi HTTP/2.0", upstream: "http://10.1.207.217:443/", host: "localhost" 
[nginx-ingress-microk8s-controller-9m59x] 192.168.1.77 - - [03/Jul/2022:08:47:50  0000] "GET /aspnetcorewebapi HTTP/2.0" 502 150 "-" "curl/7.81.0" 39 0.002 [default-svc-aspnetcorewebapi-443] [] 10.1.207.217:443, 10.1.207.220:443, 10.1.207.217:443 0, 0, 0 0.000, 0.000, 0.000 502, 502, 502 02f391a2e049f1c2e4ab8d9dff31effb

I get 502 Bad Gateway response. Any advice and insight is appreciated.

CodePudding user response:

nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" does the job!

  • Related