search

emissary-ingress / emissary

open source Kubernetes-native API gateway for microservices built on the Envoy Proxy
https://www.getambassador.io
Apache License 2.0
4.36k stars 683 forks source link

Ingress no longer functions #5451

Open darkn3rd opened 10 months ago

darkn3rd commented 10 months ago

Describe the bug

The ingress resource is not functional it seems, emissary-ingress does not capture any changes needed. If there are any other requirements outside of the ingress, it is not documented at https://www.getambassador.io/docs/emissary/latest/topics/running/ingress-controller#when-and-how-to-use-the-ingress-resource

To Reproduce Steps to reproduce the behavior:

  1. Install an ingress resource for a service that supports HTTP, e.g. 
    apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: dg-dgraph-ingress
  annotations:
    kubernetes.io/ingress.class: ambassador
spec:
  ingressClassName: ambassador
  rules:
    - http:
        paths:
          - backend:
              service:
                name:  dg-dgraph-alpha
                port:
                  number: 8080
            pathType: ImplementationSpecific
            path: /
      host: dgraph.local

  2. Either update DNS record or /etc/hosts with emissary-ingress LB address

    export DGRAPH_HOSTNAME_HTTP="dgraph.local"
export SERVICE_IP=$(kubectl get svc emissary-ingress \
  --namespace emissary \
  --output jsonpath='{.status.loadBalancer.ingress[0].ip}'
)

sudo sh -c "echo ${SERVICE_IP} ${DGRAPH_HOSTNAME_HTTP} >> /etc/hosts"
  3. Attempt to reach the address 
    curl -siv dgraph.local/state

    Expected behavior

I would expect when accessing the endpoint using the hostname, e.g. dgraph.local, that I would get a response from the server. This means that emissary-ingress would scan for the ingress resource, make the appropriate configurations, and communicate this in the logs. But not of these seems to be happening.

When I try to configure something similar using Listerner, Host, and Mapping, this works fine.

Versions (please complete the following information):

Additional context

export DGRAPH_ALLOW_LIST="0.0.0.0/0" 
export DGRAPH_RELEASE_NAME="dg"
helm repo add dgraph https://charts.dgraph.io
helm update
helm install $DGRAPH_RELEASE_NAME dgraph/dgraph \
  --namespace dgraph \
  --create-namespace \
  --values -  <<EOF
zero:
  persistence:
    storageClass: premium-rwo
    size: 10Gi
alpha:
  configFile:
    config.yaml: |
      security:
        whitelist: ${DGRAPH_ALLOW_LIST}
  persistence:
    storageClass: premium-rwo
    size: 30Gi
EOF
darkn3rd commented 10 months ago

This is also minimal steps using Apache HTTPd

# deploy application 
kubectl create namespace "ingress-test"
kubectl create deployment httpd \
  --image "httpd" \
  --replicas 3 \
  --port 80 \
  --namespace "ingress-test"

# create proxy to deployment
kubectl expose deployment httpd \
  --port 80 \
  --target-port 80 \
  --type ClusterIP \
  --namespace "ingress-test"

# provision application load balancer
kubectl create ingress httpd-ingress \
  --rule "ingress.test/=httpd:80" \
  --annotation "kubernetes.io/ingress.class=ambassador" \
  --class "ambassador" \
  --namespace "ingress-test"

export SERVICE_IP=$(kubectl get svc emissary-ingress \
  --namespace emissary \
  --output jsonpath='{.status.loadBalancer.ingress[0].ip}'
)

sudo sh -c "echo ${SERVICE_IP} ingress.test >> /etc/hosts"

curl ingress.test
darkn3rd commented 6 months ago

I hope someone can look at this.