search

datalust / helm.datalust.co

Helm charts hosted on helm.datalust.co
Apache License 2.0
10 stars 16 forks source link

Can't create an external IngressRoute #23

Closed dhirschfeld closed 2 years ago

dhirschfeld commented 2 years ago

I deploy the helm chart without the enabling ingress option as I have an traefik instance and use IngressRoute CRDs. I create a route to forward to the seq container on port 80 but am unable to connect.

In traefik the IngressRoute appears to correctly point to http://<seq-container-ip>:80.

How can I get this to work?

In the logs I see:

Seq listening on ["http://localhost/", "https://localhost/", "http://localhost:5341/", "https://localhost:45341/"]

...so it seems the container is only listening on localhost and not <seq-container-ip> - is that the problem? If so, how do I get it to listen on <seq-container-ip>?

nblumhardt commented 2 years ago

The log entry is misleading here; Seq treats localhost as all-interfaces in this case.

Are you rewriting the request path in traefik, to strip any prefixes used by the ingress?

dhirschfeld commented 2 years ago

Are you rewriting the request path in traefik, to strip any prefixes used by the ingress?

It's being served on a subdomain https://seq.my-domain.com/ so that should be fine I'm guessing?

dhirschfeld commented 2 years ago

The service is up and seems to be listening on port 80:

NAMESPACE           NAME                             TYPE           CLUSTER-IP       EXTERNAL-IP     PORT(S)                      AGE
logging             seq                              ClusterIP      10.255.121.183   <none>          80/TCP,5341/TCP              5m51s

The pod is running and has an IP 10.231.112.140:

NAME                   READY   STATUS    RESTARTS   AGE     IP               NODE                              NOMINATED NODE   READINESS GATES
seq-7bcf9cd5dc-7vlxk   1/1     Running   0          7m55s   10.231.112.140   aks-compute-37753270-vmss00004e   <none>           <none>

The traefik ingress maps the seq service, port 80 to the seq.my-domain.com route:

# https://doc.traefik.io/traefik/routing/providers/kubernetes-crd/#kind-ingressroute
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  name: seq-ui
  namespace: logging
spec:
  entryPoints:
    - websecure
  routes:
    - kind: Rule
      match: Host(`seq.my-domain.com`)
      services:
        - kind: Service
          name: seq
          namespace: logging
          passHostHeader: true
          port: 80
  tls: {}

The traefik UI shows the route correctly being mapped to the container ip/port:

image

...so it looks like things should be working 🤔

Actually, the error I'm getting is ERR_NAME_NOT_RESOLVED so maybe there is a DNS issue 🤦

I can bring up the UI with:

kubectl port-forward -n logging service/seq 8080:80

...so I'll look into the DNS angle 😬

dhirschfeld commented 2 years ago

Right, user-error - I forgot to add a DNS record to our private DNS zone 😳

nblumhardt commented 2 years ago

Great! Glad you were able to track it down :+1: