GuillaumeCisco
commented
4 years ago Can we have detailed information about that please?
Closed samlesu closed 4 years ago
GuillaumeCisco
commented
4 years ago Can we have detailed information about that please?
samlesu
commented
4 years ago When using skaffold, the pod nginx-ingress-controller of a peer was not limited to a namespace. It seems it was redirecting requests to backends of different nodes. It was causing some random 502 HTTP Gateway errors when querying the backend.
According to the nginx-ingress documentation (https://github.com/helm/charts/tree/master/stable/nginx-ingress), this can be solved by setting the variable controller.scope.enabled to true.
ClementGautier
commented
4 years ago @GuillaumeCisco As we deploy one reverse proxy per namespace it has to look for ingresses only in its namespace (and by default it looks for ingresses on all namespaces and you randomly got 502s depending on the nginx reponding to your request).
GuillaumeCisco
commented
4 years ago Tell me if I understand this correctly:
Without controller.scope.enabled, the peer from an organization can redirect http traffic to a backend server from another organization?
ClementGautier
commented
4 years ago @GuillaumeCisco yup exactly
This was causing random HTTP Gateway errors (502) when doing HTTP requests to the backend.