This is an ingress controller that can be run on Azure Kubernetes Service (AKS) to allow an Azure Application Gateway to act as the ingress for an AKS cluster.
Describe the bug
I have the routes of type prefix defined in my ingress:
'/api/users/signin'
'/'
The '/' path lead to a client webapp that is successfully being loaded when I type the website address.
When I try to signin via the 2nd route , I get a 502 error.
Output of kubectl logs <ingress controller>. The logs show nothing butI0330 07:38:33.413508 1 reflector.go:381] pkg/mod/k8s.io/client-go@v0.21.2/tools/cache/reflector.go:167: forcing resync`
When looking at the app gateway logs in Azure portal, I can see that for a requested route the correct backend setting name and backend pool name are selected for all routes (in columns backendPoolName_s and backendSettingName_s).
What is strange, the serverRouted_s column lists for the successful request to path '/' the correct IP: 10.0.0.234:3000
However, for the unsuccessful request to signin, the serverRouted_s column shows the name of the backendPoolName instead of the resolved IP address. Also, the server response latency for the not working signin request is 0.
Looking at the backend settings and backend pool settings in Azure portal, there is no obvious difference between the working client and the not working signin configurations.
The backend target in the rules menu also look good.
If I choose the signin route as the backend target in Azure portal (=the target that the request is routed too when no path matches), the error still occurs.
When I remove the '/' route entirely and only leave the signin route and try to send a request with Postman, the same 502 error persists.
Not sure whether this not resolved serverRouted_s entry in the debug log points to the true cause of the error.
I am very greatful for any hint where to check because it all looks set up just fine in azure portal and there are no obvious differeneces between the working client route and the not working signin route.
this is related to 502 Bad Gateway #1020, specifically
Health probes are not configured correctly. For example: Incorrect Port or path in the readiness probe or liveness probe.
Once I configure my health probes correctly, it works.
Describe the bug I have the routes of type prefix defined in my ingress:
The '/' path lead to a client webapp that is successfully being loaded when I type the website address. When I try to signin via the 2nd route , I get a 502 error.
To Reproduce
Ingress Controller details
Output of
kubectl describe pod <ingress controller
>Output of
kubectl logs <ingress controller>. The logs show nothing but
I0330 07:38:33.413508 1 reflector.go:381] pkg/mod/k8s.io/client-go@v0.21.2/tools/cache/reflector.go:167: forcing resync`When looking at the app gateway logs in Azure portal, I can see that for a requested route the correct backend setting name and backend pool name are selected for all routes (in columns backendPoolName_s and backendSettingName_s). What is strange, the serverRouted_s column lists for the successful request to path '/' the correct IP: 10.0.0.234:3000 However, for the unsuccessful request to signin, the serverRouted_s column shows the name of the backendPoolName instead of the resolved IP address. Also, the server response latency for the not working signin request is 0.
Looking at the backend settings and backend pool settings in Azure portal, there is no obvious difference between the working client and the not working signin configurations. The backend target in the rules menu also look good. If I choose the signin route as the backend target in Azure portal (=the target that the request is routed too when no path matches), the error still occurs. When I remove the '/' route entirely and only leave the signin route and try to send a request with Postman, the same 502 error persists.
Not sure whether this not resolved serverRouted_s entry in the debug log points to the true cause of the error. I am very greatful for any hint where to check because it all looks set up just fine in azure portal and there are no obvious differeneces between the working client route and the not working signin route.
Cheers