Configure ingress failure

[ghost]

I can not create the following svc. There are no firewall betwwen master and worker node. As they are on the same servers apiVersion: extensions/v1beta1 kind: Ingress metadata: name: cafe-ingress spec: tls:

• hosts:
  • cafe.example.com secretName: cafe-secret rules:
• host: cafe.example.com http: paths:
  • path: /tea backend: serviceName: tea-svc servicePort: 80
  • path: /coffee backend: serviceName: coffee-svc servicePort: 80

[root@ms03 ~]# kubectl get po NAME READY STATUS RESTARTS AGE my-release-nginx-ingress-94b46b74f-z9fdq 1/1 Running 0 2m28s

[root@ms03 ~]# kubectl get svc NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE kubernetes ClusterIP 10.96.0.1 443/TCP 16m my-release-nginx-ingress LoadBalancer 10.106.206.22 192.168.1.99 80:30305/TCP,443:32351/TCP 2m2s

[root@ms03 ~]# kubectl apply -f test.yaml Error from server (InternalError): error when creating "test.yaml": Internal error occurred: failed calling webhook "validate.nginx.ingress.kubernetes.io": Post https://ingress-nginx-controller-admission.ingress-nginx.svc:443/extensions/v1beta1/ingresses?timeout=30s: service "ingress-nginx-controller-admission" not found

my-release-nginx-ingress LoadBalancer 10.106.206.22 80:30305/TCP,443:32351/TCP 2m2s

[aledbf]

service "ingress-nginx-controller-admission" not found

How are you installing the ingress controller? It seems the admission controller is not installed https://github.com/kubernetes/ingress-nginx/blob/master/deploy/static/provider/cloud/deploy.yaml#L250

[ghost]

I install ingress controller on baremetal VM as following

helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx helm repo update helm install rhrepo ingress-nginx/ingress-nginx

I find the issues did not appear on CentOS 7, Only appear in RedHat Linux 7

============= I install once again using Baremetal yaml

[root@master /]# kubectl get po -n ingress-nginx NAME READY STATUS RESTARTS AGE ingress-nginx-admission-create-n22jq 0/1 Completed 0 9s ingress-nginx-admission-patch-96xzs 0/1 Completed 1 9s ingress-nginx-controller-75f84dfcd7-9w5nb 0/1 Running 0 19s

[root@master /kubectl apply -f ingress.yaml -n ingress-nginx service/rhrepo-service created endpoints/rhrepo-service created Error from server (InternalError): error when creating "ingress.yaml": Internal error occurred: failed calling webhook "validate.nginx.ingress.kubernetes.io": Post https://ingress-nginx-controller-admission.ingress-nginx.svc:443/extensions/v1beta1/ingresses?timeout=30s: Service Unavailable

ingress.yaml

apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: name: ingress-myservicea annotations:

use the shared ingress-nginx

kubernetes.io/ingress.class: "nginx"

spec: rules:

• host: dev01.com http: paths:
  • path: / backend: serviceName: myservicea servicePort: 80

[ghost]

API Server logging

W0630 02:16:56.406301 1 dispatcher.go:133] Failed calling webhook, failing closed validate.nginx.ingress.kubernetes.io: failed calling webhook "validate.nginx.ingress.kubernetes.io": Post https://ingress-nginx-controller-admission.ingress-nginx.svc:443/extensions/v1beta1/ingresses?timeout=30s: Service Unavailable W0630 02:16:56.410014 1 dispatcher.go:133] Failed calling webhook, failing closed validate.nginx.ingress.kubernetes.io: failed calling webhook "validate.nginx.ingress.kubernetes.io": Post https://rhrepo-ingress-nginx-controller-admission.ingress-nginx.svc:443/extensions/v1beta1/ingresses?timeout=30s: Service Unavailable E0630 02:16:56.410042 1 dispatcher.go:158] Internal error occurred: failed calling webhook "validate.nginx.ingress.kubernetes.io": Post https://rhrepo-ingress-nginx-controller-admission.ingress-nginx.svc:443/extensions/v1beta1/ingresses?timeout=30s: Service Unavailable

[root@master /]# service firewalld status Redirecting to /bin/systemctl status firewalld.service ● firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled) Active: inactive (dead) Docs: man:firewalld(1) [root@master /]# sestatus SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: permissive Mode from config file: permissive Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 31

[fejta-bot]

Issues go stale after 90d of inactivity. Mark the issue as fresh with /remove-lifecycle stale. Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta. /lifecycle stale

[fejta-bot]

Stale issues rot after 30d of inactivity. Mark the issue as fresh with /remove-lifecycle rotten. Rotten issues close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta. /lifecycle rotten

[fejta-bot]

Rotten issues close after 30d of inactivity. Reopen the issue with /reopen. Mark the issue as fresh with /remove-lifecycle rotten.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta. /close

[k8s-ci-robot]

@fejta-bot: Closing this issue.

In response to [this](https://github.com/kubernetes/ingress-nginx/issues/5810#issuecomment-734638157): >Rotten issues close after 30d of inactivity. >Reopen the issue with `/reopen`. >Mark the issue as fresh with `/remove-lifecycle rotten`. > >Send feedback to sig-testing, kubernetes/test-infra and/or [fejta](https://github.com/fejta). >/close Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.