Closed HelenaSeidel closed 1 year ago
this has been mentioned in #1364 by @giuliocalzolari and we can confirm this behavior
to reproduce this properly, AGIC 1.7.0 has to run on an empty AGW, if it is pre configured, i.e. an older AGIC version ran before, AGIC 1.7.0 seems to be working properly also creating new configuration and stuff ¯\_(ツ)_/¯
We seem to have the same issue. When we use version 1.6 with service principal, the deployment works. Then when we upgrade to version 1.7 with managed identity, it also works. But when we use version 1.7 from scratch, we have the same error.
Can confirm this problem on empty Application Gateways as well with v1.7.0.
Our first try was to use Workload Identity with a completely fresh installation but could not get it working. After that, we tried to configure a fresh Installation of v1.7.0 on an Empty Application Gateway with Managed Identity and got the same error as @HelenaSeidel described above.
Same configuration with Managed Identity and Version 1.6.0 worked on an empty Application Gateway.
We can confirm also with empty new AGW we run in segmentation violation. Is there a complete Example to use Azure agic with Workload Identity somewhere?
Hello,
is the segmentation fault now fixed? And is there new Version for that ? See only the 1.7.0 from 27 March 2023.
I asked already here https://github.com/Azure/application-gateway-kubernetes-ingress/pull/1538
we can confirm, it is fixed, thank you @akshaysngupta
Fix isn't present in any release yet though. Is there and e.t.a on a 1.7.1 or 1.8.0 release that will include this?
Using the nightly build has fixed it for me. Will appreciate an ETA on a release.
they have overridden the old 1.7.0 tag... digests changed... re-pulling the image will do it... its not best practice but that is what happened ¯\_(ツ)_/¯
is the Helm Chart (ingress-azure) also Updated ?
they have overridden the old 1.7.0 tag... digests changed... re-pulling the image will do it... its not best practice but that is what happened ¯_(ツ)_/¯
When did they do that? I deployed 1.7.0 earlier today and the error was still present. I then created my own image from the commit in #1538 and it worked...
@cloebig the helm chart is still on 1.6.0, but you could actually bump the image to for example 1.7.0 by setting the image.tag
value (you can see here that it is configurable in the values file)
Hello @HelenaSeidel @DarChaos21 @seizste ! I've been trying to update from 1.6.0 to 1.7.0 a few minutes ago via:
helm upgrade \ ingress-azure \ application-gateway-kubernetes-ingress/ingress-azure \ --version 1.7.0
But I still get "panic: runtime error: invalid memory address or nil pointer dereference". This also happens on a fresh installation. Not sure if it is related, but I use AGIC with Helm and service principal. I'll ask a few question if you can help, please:
1 - How were you able to make 1.7.0 working and how did you transition to workload identity?
2 - I can see you mentioned you configured AGIC using Managed Identity. Was that via Helm or add-on. If via Helm, could you please let me know how? I don't see that managed identity option here https://github.com/Azure/application-gateway-kubernetes-ingress/blob/master/docs/helm-values-documenation.md
Thank you!
I'm getting a panic too on 1.7.0, seems to work if I run 1.6.0 though.
sry haven't had this on my radar anymore.. there was a new release 3 weeks ago which should fix all issues that are related to the fix being implemented in a new image with the same old tag... If there are any further issues, I suggest opening a new dedicated issue b/c this here has been fixed
Describe the bug k8s version: 1.25.6 AGIC version: 1.7.0 I have to mention that we had a k8s upgrade from 1.25.4 although I dont really believe that this is related.
We had the AGIC running with workload identity once, however now it is running into a segmentation fault shortly after startup UPDATE: we identified why it was working before, see below in repro steps
To Reproduce Steps to reproduce the behavior: start AGIC 1.7.0 with workload identity
UPDATE: we reproduced an old scenario where we had the AGW configured by the AGIC 1.6.0 and then rolled the upgrade on the AGIC to 1.7.0, it is working now (not sure for how long tho) - This means it has some issues with running on an empty AGW
Ingress Controller details
kubectl describe pod <ingress controller
> . Thehelm list
.