search

kubernetes / ingress-nginx

Ingress-NGINX Controller for Kubernetes
https://kubernetes.github.io/ingress-nginx/
Apache License 2.0
17k stars 8.15k forks source link

Exact pathType behaves the same as Prefix when another rule uses rewrite-target #8208

Closed jtackaberry closed 1 year ago

jtackaberry commented 2 years ago

Problem Statement

Consider the following Ingress definition which uses the permanent-redirect annotation to issue a 301 Redirect for matched path:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: redirects
  namespace: websites
  annotations:
    nginx.ingress.kubernetes.io/permanent-redirect: https://github.com/
spec:
  rules:
    - host: example.com
      http:
        paths:
          - backend:
              service:
                name: webserver
                port:
                  name: webserver
            path: /changelog
            pathType: Exact

Querying https://example.com/changelog redirects as expected.

But what's unexpected is that when another Ingress rule is defined that uses rewrite-target, the above Ingress will also redirect https://example.com/changelogfoobarbaz.

On the ingress controller pod, nginx.conf contains the following for both Exact and Prefix:

location ~* "^/changelog" {

This what I expect for Prefix, but not for Exact. For Exact I would have expected:

location ~* "^/changelog$" {

This condition only occurs when there is another Ingress in the same scope that defines a nginx.ingress.kubernetes.io/rewrite-target annotation.

Steps to Reproduce

Perform this method of procedure on a fresh cluster:

# Deploy ingress-nginx via Helm chart.  We enable the default backend just to have a target
# we can use to simplify the test case (avoids deploying a separate service).
$ helm repo add --force-update ingress-nginx https://kubernetes.github.io/ingress-nginx
$ helm upgrade --install -n ingress-nginx --create-namespace ingress-nginx \
     ingress-nginx/ingress-nginx \
     --set defaultBackend.enabled=true \
     --set controller.ingressClassResource.default=true

# Generate the meat of our test case.  The first Ingress rule is the necessary precondition:
# an unrelated (but in the same `host` scope) Prefix rule that uses the rewrite-target
# annotation.
#
# The next rule that uses the permanent-redirect annotation is the actual problem.
$ cat > ingress.yaml << EOF
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: precondition
  namespace: ingress-nginx
  annotations:
     nginx.ingress.kubernetes.io/rewrite-target: /$1
spec:
  rules:
    - host: example.com
      http:
        paths:
          - backend:
              service:
                name: ingress-nginx-defaultbackend
                port:
                  name: http
            path: /unrelated-subpath/(.*)
            pathType: Prefix
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: testcase
  namespace: ingress-nginx
  annotations:
    nginx.ingress.kubernetes.io/permanent-redirect: https://github.com/
spec:
  rules:
    - host: example.com
      http:
        paths:
          - backend:
              service:
                name: ingress-nginx-defaultbackend
                port:
                  name: http
            path: /testcase
            pathType: Exact
EOF
$ kubectl apply -f ingress.yaml

# Execute until the LoadBalancer Service external IP is realized
$ watch kubectl get -n ingress-nginx services
# Assign the IP to a variable
$ ip=$(kubectl get -n ingress-nginx service/ingress-nginx-controller \
          --template='{{(index .status.loadBalancer.ingress 0).ip}}')

# Use curl to confirm the positive case (expected result)
$ curl -kis https://example.com/testcase --resolve example.com:443:$ip | grep location
location: https://github.com/

# Now try again with a different URL that matches the same prefix but SHOULD FAIL
# due to not being an exact match. 
$ curl -kis https://example.com/testcasefoobarbaz --resolve example.com:443:$ip | grep location
# ACTUAL RESULT
location: https://github.com/
# EXPECTED RESULT
(empty string)

Environment State Following Reproduction Steps

Given the above reproduction steps, here are more details from the resulting environment (which in my case is hosted in DOKS, but is repeatable on Vultr):

$ kubectl -n ingress-nginx get service/ingress-nginx-controller -o yaml
apiVersion: v1
kind: Service
metadata:
  annotations:
    kubernetes.digitalocean.com/load-balancer-id: 7f532b2c-3799-4ad9-ba83-137316ccc176
    meta.helm.sh/release-name: ingress-nginx
    meta.helm.sh/release-namespace: ingress-nginx
  creationTimestamp: "2022-01-31T03:48:01Z"
  finalizers:
  - service.kubernetes.io/load-balancer-cleanup
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
    app.kubernetes.io/version: 1.1.1
    helm.sh/chart: ingress-nginx-4.0.16
  name: ingress-nginx-controller
  namespace: ingress-nginx
  resourceVersion: "12646"
  uid: 800ee1a7-dcf2-44d1-9e89-b49c9ae79cba
spec:
  clusterIP: 10.245.63.255
  clusterIPs:
  - 10.245.63.255
  externalTrafficPolicy: Cluster
  ipFamilies:
  - IPv4
  ipFamilyPolicy: SingleStack
  ports:
  - appProtocol: http
    name: http
    nodePort: 31355
    port: 80
    protocol: TCP
    targetPort: http
  - appProtocol: https
    name: https
    nodePort: 31799
    port: 443
    protocol: TCP
    targetPort: https
  selector:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
  sessionAffinity: None
  type: LoadBalancer
status:
  loadBalancer:
    ingress:
    - ip: <public IP redacted>

$ kubectl -n ingress-nginx describe service/ingress-nginx-controller
Name:                     ingress-nginx-controller
Namespace:                ingress-nginx
Labels:                   app.kubernetes.io/component=controller
                          app.kubernetes.io/instance=ingress-nginx
                          app.kubernetes.io/managed-by=Helm
                          app.kubernetes.io/name=ingress-nginx
                          app.kubernetes.io/part-of=ingress-nginx
                          app.kubernetes.io/version=1.1.1
                          helm.sh/chart=ingress-nginx-4.0.16
Annotations:              kubernetes.digitalocean.com/load-balancer-id: 7f532b2c-3799-4ad9-ba83-137316ccc176
                          meta.helm.sh/release-name: ingress-nginx
                          meta.helm.sh/release-namespace: ingress-nginx
Selector:                 app.kubernetes.io/component=controller,app.kubernetes.io/instance=ingress-nginx,app.kubernetes.io/name=ingress-nginx
Type:                     LoadBalancer
IP Family Policy:         SingleStack
IP Families:              IPv4
IP:                       10.245.63.255
IPs:                      10.245.63.255
LoadBalancer Ingress:     <public IP redacted>
Port:                     http  80/TCP
TargetPort:               http/TCP
NodePort:                 http  31355/TCP
Endpoints:                10.244.0.103:80
Port:                     https  443/TCP
TargetPort:               https/TCP
NodePort:                 https  31799/TCP
Endpoints:                10.244.0.103:443
Session Affinity:         None
External Traffic Policy:  Cluster
Events:                   <none>

$ kubectl -n ingress-nginx get ingress/precondition -o yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    kubectl.kubernetes.io/last-applied-configuration: |
      {"apiVersion":"networking.k8s.io/v1","kind":"Ingress","metadata":{"annotations":{"nginx.ingress.kubernetes.io/rewrite-target":"/$1"},"name":"precondition","namespace":"ingress-nginx"},"spec":{"rules":[{"host":"example.com","http":{"paths":[{"backend":{"service":{"name":"ingress-nginx-defaultbackend","port":{"name":"http"}}},"path":"/unrelated-subpath/(.*)","pathType":"Prefix"}]}}]}}
    nginx.ingress.kubernetes.io/rewrite-target: /$1
  creationTimestamp: "2022-01-31T02:45:11Z"
  generation: 6
  name: precondition
  namespace: ingress-nginx
  resourceVersion: "12726"
  uid: 7b16aa67-c45c-4a16-99c2-5334ea34b739
spec:
  ingressClassName: nginx
  rules:
  - host: example.com
    http:
      paths:
      - backend:
          service:
            name: ingress-nginx-defaultbackend
            port:
              name: http
        path: /unrelated-subpath/(.*)
        pathType: Prefix
status:
  loadBalancer:
    ingress:
    - ip: <public IP redacted>

$ kubectl -n ingress-nginx describe ingress/precondition
Name:             precondition
Namespace:        ingress-nginx
Address:          <public IP redacted>
Default backend:  default-http-backend:80 (<error: endpoints "default-http-backend" not found>)
Rules:
  Host         Path  Backends
  ----         ----  --------
  example.com
               /unrelated-subpath/(.*)   ingress-nginx-defaultbackend:http (10.244.0.79:8080)
Annotations:   nginx.ingress.kubernetes.io/rewrite-target: /$1
Events:        <none>

$ kubectl -n ingress-nginx get ingress/testcase -o yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    kubectl.kubernetes.io/last-applied-configuration: |
      {"apiVersion":"networking.k8s.io/v1","kind":"Ingress","metadata":{"annotations":{"nginx.ingress.kubernetes.io/permanent-redirect":"https://github.com/"},"name":"testcase","namespace":"ingress-nginx"},"spec":{"rules":[{"host":"example.com","http":{"paths":[{"backend":{"service":{"name":"ingress-nginx-defaultbackend","port":{"name":"http"}}},"path":"/testcase","pathType":"Exact"}]}}]}}
    nginx.ingress.kubernetes.io/permanent-redirect: https://github.com/
  creationTimestamp: "2022-01-31T02:45:11Z"
  generation: 2
  name: testcase
  namespace: ingress-nginx
  resourceVersion: "12728"
  uid: afd365d8-a91c-47a8-9d2a-ee68f114d4c6
spec:
  ingressClassName: nginx
  rules:
  - host: example.com
    http:
      paths:
      - backend:
          service:
            name: ingress-nginx-defaultbackend
            port:
              name: http
        path: /testcase
        pathType: Exact
status:
  loadBalancer:
    ingress:
    - ip: <public IP redacted>

$ kubectl -n ingress-nginx describe ingress/testcase
Name:             testcase
Namespace:        ingress-nginx
Address:          <public IP redacted>
Default backend:  default-http-backend:80 (<error: endpoints "default-http-backend" not found>)
Rules:
  Host         Path  Backends
  ----         ----  --------
  example.com
               /testcase   ingress-nginx-defaultbackend:http (10.244.0.79:8080)
Annotations:   nginx.ingress.kubernetes.io/permanent-redirect: https://github.com/
Events:        <none>

Here is the resulting nginx.conf on the controller pod:

nginx.zip

Here are the ingress controller log lines generated from the above two curl requests:

# Command
$ curl -kis https://example.com/testcase --resolve example.com:443:$ip
# Resulting log line (301 is the EXPECTED RESULT)
10.137.0.4 - - [01/Feb/2022:15:44:43 +0000] "GET /testcase HTTP/2.0" 301 162 "-" "curl/7.68.0" 35 0.000 [ingress-nginx-ingress-nginx-defaultbackend-http] [] - - - - 78a5281eb1d146f3076e161d01acdebf

# Command
$ curl -kis https://example.com/testcasefoobarbaz --resolve example.com:443:$ip 
# Resulting log line (301 is an UNEXPECTED RESULT - 404 is expected due to use of pathType: Exact)
10.137.0.4 - - [01/Feb/2022:15:45:56 +0000] "GET /testcasefoobarbaz HTTP/2.0" 301 162 "-" "curl/7.68.0" 42 0.000 [ingress-nginx-ingress-nginx-defaultbackend-http] [] - - - - f20e268c2a237f231452d2650a6c530c

Environment Details

NGINX Ingress controller version

NGINX Ingress controller
  Release:       v1.1.1
  Build:         a17181e43ec85534a6fea968d95d019c5a4bc8cf
  Repository:    https://github.com/kubernetes/ingress-nginx
  nginx version: nginx/1.19.9

Kubernetes version

Client Version: version.Info{Major:"1", Minor:"22", GitVersion:"v1.22.4", GitCommit:"b695d79d4f967c403a96986f1750a35eb75e75f1", GitTreeState:"clean", BuildDate:"2021-11-17T15:48:33Z", GoVersion:"go1.16.10", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"22", GitVersion:"v1.22.6", GitCommit:"f59f5c2fda36e4036b49ec027e556a15456108f0", GitTreeState:"clean", BuildDate:"2022-01-19T17:26:47Z", GoVersion:"go1.16.12", Compiler:"gc", Platform:"linux/amd64"}

Environment:

$ helm -n ingress-nginx get values ingress-nginx controller: config: force-ssl-redirect: true hsts-max-age: 31536000 log-format-escape-json: "true" log-format-upstream: status=$status path="$request_uri" method=$request_method ingress=$ingress_name remote_addr=$proxy_protocol_addr response_length=$bytes_sent duration=$request_time host=$http_host protocol=$server_protocol referer="$http_referer" agent="$http_user_agent" ssl_protocol=$ssl_protocol ssl_cipher=$ssl_cipher scheme=$scheme request_length=$request_length request_id=$req_id user=$remote_user namespace=$namespace service=$service_name:$service_port real-ip-header: proxy_protocol ssl-ciphers: ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384 use-proxy-protocol: "true" worker-processes: 2 extraArgs: default-ssl-certificate: ingress-nginx/default-cert-tls image: tag: v1.1.1 ingressClassResource: default: true metrics: enabled: true replicaCount: 1 service: annotations: service.beta.kubernetes.io/vultr-loadbalancer-proxy-protocol: "true" defaultBackend: enabled: false


- **Current State of the controller**:

$ kubectl describe ingressclasses Name: nginx Labels: app.kubernetes.io/component=controller app.kubernetes.io/instance=ingress-nginx app.kubernetes.io/managed-by=Helm app.kubernetes.io/name=ingress-nginx app.kubernetes.io/part-of=ingress-nginx app.kubernetes.io/version=1.1.1 helm.sh/chart=ingress-nginx-4.0.16 Annotations: ingressclass.kubernetes.io/is-default-class: true meta.helm.sh/release-name: ingress-nginx meta.helm.sh/release-namespace: ingress-nginx Controller: k8s.io/ingress-nginx Events:

$ kubectl -n ingress-nginx get pod -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES ingress-nginx-controller-59b6745b68-kstn5 1/1 Running 0 4d 10.244.44.11 default-38df614b9441

$ kubectl -n ingress-nginx get svc -o wide NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR ingress-nginx-controller LoadBalancer 10.96.29.106 80:32035/TCP,443:32583/TCP 4d app.kubernetes.io/component=controller,app.kubernetes.io/instance=ingress-nginx,app.kubernetes.io/name=ingress-nginx ingress-nginx-controller-admission ClusterIP 10.110.101.181 443/TCP 4d app.kubernetes.io/component=controller,app.kubernetes.io/instance=ingress-nginx,app.kubernetes.io/name=ingress-nginx ingress-nginx-controller-metrics ClusterIP 10.102.70.74 10254/TCP 4d app.kubernetes.io/component=controller,app.kubernetes.io/instance=ingress-nginx,app.kubernetes.io/name=ingress-nginx

k8s-ci-robot commented 2 years ago

@jtackaberry: This issue is currently awaiting triage.

If Ingress contributors determines this is a relevant issue, they will accept it by applying the triage/accepted label and provide further guidance.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.
longwuyuan commented 2 years ago

@jtackaberry Hi, Thanks for reporting this. If what you are saying is true, then it looks like a bug.

You can help out by kindly writing step-by-step instructions, for reproducing. If someone can copy/paste from, your instructions on their kind/minikube/kubeadm/other cluster, to reproduce this, it will save developer time & help complete/accept triage to get some priority on the issue. There is lack of resources so clear data showing priority helps.

jtackaberry commented 2 years ago

@longwuyuan done. Apologies for not doing that to begin with. It turned out the actual test case was a bit more complicated -- it required the precondition of having another rule that uses nginx.ingress.kubernetes.io/rewrite-target. I've updated my original post with repeatable commands to reproduce the issue.

longwuyuan commented 2 years ago

Thank you very much for the steps. Was worried that controller broke api specs.

Now, your update complicates the issue. So step1 request is kindly make sure all ingress objects have defined ingress.spec.rules.host field. Need to know behaviour with that field defined. Waiting for your update.

Thanks, ; Long

On Mon, 31 Jan, 2022, 8:33 AM Jason Tackaberry, @.***> wrote:

@longwuyuan https://github.com/longwuyuan done. Apologies for not doing that to begin with. It turned out the actual test case was a bit more complicated -- it required the precondition of having another rule that uses nginx.ingress.kubernetes.io/rewrite-target. I've updated my original post with repeatable commands to reproduce the issue.

— Reply to this email directly, view it on GitHub https://github.com/kubernetes/ingress-nginx/issues/8208#issuecomment-1025332849, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABGZVWRAWHM7FWKXGQ4DVXTUYX3ZHANCNFSM5NE2XLPA . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

You are receiving this because you were mentioned.Message ID: @.***>

jtackaberry commented 2 years ago

So step1 request is kindly make sure all ingress objects have defined ingress.spec.rules.host field.

@longwuyuan Done. OP updated.

longwuyuan commented 2 years ago

Thanks. Did you check nginx.conf.

Kindly add more info. Please add kubectl describe for the service type LoadBalancer created by the controller. Then for each ingress object, please add the kubectl describe. After that, for each curl, please add the log messages of the controller pod, related to that specific curl request.

Thanks, ; Long

On Mon, 31 Jan, 2022, 9:24 AM Jason Tackaberry, @.***> wrote:

So step1 request is kindly make sure all ingress objects have defined ingress.spec.rules.host field.

@longwuyuan https://github.com/longwuyuan Done. OP updated.

— Reply to this email directly, view it on GitHub https://github.com/kubernetes/ingress-nginx/issues/8208#issuecomment-1025352912, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABGZVWQT2V3YOKKTOVFK4G3UYYBY7ANCNFSM5NE2XLPA . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

You are receiving this because you were mentioned.Message ID: @.***>

jtackaberry commented 2 years ago

I probably won't be able to get to this until at least next weekend. If you think of anything further you'd like to see between now and then, please let me know.

For what it's worth, the test case is complete and repeatable and clearly demonstrates the bug.

longwuyuan commented 2 years ago

I think it's complete too but a person reproducing should compare the state, the curl and the logs. Hope I can reproduce too.

Current thought is permanent redirect and rewrite are contending plus not designed to be used together on one fqdn. It will be interesting to see what server block contains in nginx.conf

Thanks, ; Long

On Mon, 31 Jan, 2022, 9:48 AM Jason Tackaberry, @.***> wrote:

I probably won't be able to get to this until at least next weekend. If you think of anything further you'd like to see between now and then, please let me know.

For what it's worth, the test case is complete and repeatable and clearly demonstrates the bug.

— Reply to this email directly, view it on GitHub https://github.com/kubernetes/ingress-nginx/issues/8208#issuecomment-1025363932, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABGZVWVHBO33OEGTZMTB7XTUYYEQ7ANCNFSM5NE2XLPA . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

You are receiving this because you were mentioned.Message ID: @.***>

longwuyuan commented 2 years ago

@nishant-jain-94, would you be interested to pair on this one

Thanks, ; Long

On Mon, 31 Jan, 2022, 9:56 AM Yuan, @.***> wrote:

I think it's complete too but a person reproducing should compare the state, the curl and the logs. Hope I can reproduce too.

Current thought is permanent redirect and rewrite are contending plus not designed to be used together on one fqdn. It will be interesting to see what server block contains in nginx.conf

Thanks, ; Long

On Mon, 31 Jan, 2022, 9:48 AM Jason Tackaberry, @.***> wrote:

I probably won't be able to get to this until at least next weekend. If you think of anything further you'd like to see between now and then, please let me know.

For what it's worth, the test case is complete and repeatable and clearly demonstrates the bug.

— Reply to this email directly, view it on GitHub https://github.com/kubernetes/ingress-nginx/issues/8208#issuecomment-1025363932, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABGZVWVHBO33OEGTZMTB7XTUYYEQ7ANCNFSM5NE2XLPA . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

You are receiving this because you were mentioned.Message ID: @.***>

longwuyuan commented 2 years ago

@jtackaberry, it will be nice to see kubectl describe of ingress objects so that the ingressClassName is verified.

Thanks, ; Long

On Mon, 31 Jan, 2022, 10:06 AM Yuan, @.***> wrote:

@nishant-jain-94, would you be interested to pair on this one

Thanks, ; Long

On Mon, 31 Jan, 2022, 9:56 AM Yuan, @.***> wrote:

I think it's complete too but a person reproducing should compare the state, the curl and the logs. Hope I can reproduce too.

Current thought is permanent redirect and rewrite are contending plus not designed to be used together on one fqdn. It will be interesting to see what server block contains in nginx.conf

Thanks, ; Long

On Mon, 31 Jan, 2022, 9:48 AM Jason Tackaberry, @.***> wrote:

I probably won't be able to get to this until at least next weekend. If you think of anything further you'd like to see between now and then, please let me know.

For what it's worth, the test case is complete and repeatable and clearly demonstrates the bug.

— Reply to this email directly, view it on GitHub https://github.com/kubernetes/ingress-nginx/issues/8208#issuecomment-1025363932, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABGZVWVHBO33OEGTZMTB7XTUYYEQ7ANCNFSM5NE2XLPA . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

You are receiving this because you were mentioned.Message ID: @.***>

nishant-jain-94 commented 2 years ago

Yes @Long. I have started running this on my machine. Yet to reproduce the problem. Still working on it. Thank you.

On Mon, Jan 31, 2022, 10:26 Long Wu Yuan @.***> wrote:

@jtackaberry, it will be nice to see kubectl describe of ingress objects so that the ingressClassName is verified.

Thanks, ; Long

On Mon, 31 Jan, 2022, 10:06 AM Yuan, @.***> wrote:

@nishant-jain-94, would you be interested to pair on this one

Thanks, ; Long

On Mon, 31 Jan, 2022, 9:56 AM Yuan, @.***> wrote:

I think it's complete too but a person reproducing should compare the state, the curl and the logs. Hope I can reproduce too.

Current thought is permanent redirect and rewrite are contending plus not designed to be used together on one fqdn. It will be interesting to see what server block contains in nginx.conf

Thanks, ; Long

On Mon, 31 Jan, 2022, 9:48 AM Jason Tackaberry, @.***> wrote:

I probably won't be able to get to this until at least next weekend. If you think of anything further you'd like to see between now and then, please let me know.

For what it's worth, the test case is complete and repeatable and clearly demonstrates the bug.

— Reply to this email directly, view it on GitHub < https://github.com/kubernetes/ingress-nginx/issues/8208#issuecomment-1025363932 , or unsubscribe < https://github.com/notifications/unsubscribe-auth/ABGZVWVHBO33OEGTZMTB7XTUYYEQ7ANCNFSM5NE2XLPA

. Triage notifications on the go with GitHub Mobile for iOS < https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675

or Android < https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub .

You are receiving this because you were mentioned.Message ID: @.***>

— Reply to this email directly, view it on GitHub https://github.com/kubernetes/ingress-nginx/issues/8208#issuecomment-1025380403, or unsubscribe https://github.com/notifications/unsubscribe-auth/ADUFFDV5WQIGQXONIWBAZZTUYYI7NANCNFSM5NE2XLPA . You are receiving this because you were mentioned.Message ID: @.***>

longwuyuan commented 2 years ago

Thank you Nishant. We can sync on slack.

Thanks, ; Long

On 2/1/22 9:13 AM, Nishant Jain wrote:

Yes @Long. I have started running this on my machine. Yet to reproduce the problem. Still working on it. Thank you.

On Mon, Jan 31, 2022, 10:26 Long Wu Yuan @.***> wrote:

@jtackaberry, it will be nice to see kubectl describe of ingress objects so that the ingressClassName is verified.

Thanks, ; Long

On Mon, 31 Jan, 2022, 10:06 AM Yuan, @.***> wrote:

@nishant-jain-94, would you be interested to pair on this one

Thanks, ; Long

On Mon, 31 Jan, 2022, 9:56 AM Yuan, @.***> wrote:

I think it's complete too but a person reproducing should compare the state, the curl and the logs. Hope I can reproduce too.

Current thought is permanent redirect and rewrite are contending plus not designed to be used together on one fqdn. It will be interesting to see what server block contains in nginx.conf

Thanks, ; Long

On Mon, 31 Jan, 2022, 9:48 AM Jason Tackaberry, @.***> wrote:

I probably won't be able to get to this until at least next weekend. If you think of anything further you'd like to see between now and then, please let me know.

For what it's worth, the test case is complete and repeatable and clearly demonstrates the bug.

— Reply to this email directly, view it on GitHub <

https://github.com/kubernetes/ingress-nginx/issues/8208#issuecomment-1025363932

,

or unsubscribe <

https://github.com/notifications/unsubscribe-auth/ABGZVWVHBO33OEGTZMTB7XTUYYEQ7ANCNFSM5NE2XLPA

. Triage notifications on the go with GitHub Mobile for iOS <

https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675

or Android <

https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub

.

You are receiving this because you were mentioned.Message ID: @.***>

— Reply to this email directly, view it on GitHub

https://github.com/kubernetes/ingress-nginx/issues/8208#issuecomment-1025380403, or unsubscribe

https://github.com/notifications/unsubscribe-auth/ADUFFDV5WQIGQXONIWBAZZTUYYI7NANCNFSM5NE2XLPA . You are receiving this because you were mentioned.Message ID: @.***>

— Reply to this email directly, view it on GitHub https://github.com/kubernetes/ingress-nginx/issues/8208#issuecomment-1026449767, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABGZVWWWAS4OU2X25C7F7Y3UY5JGVANCNFSM5NE2XLPA. Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

You are receiving this because you were mentioned.Message ID: @.***>

jtackaberry commented 2 years ago

@longwuyuan I've updated the "Steps to Reproduce" section in my original comment with the requested information.

longwuyuan commented 2 years ago

Thank you. It helps a lot.

Thanks, ; Long

On Tue, 1 Feb, 2022, 9:23 PM Jason Tackaberry, @.***> wrote:

@longwuyuan https://github.com/longwuyuan I've updated the "Steps to Reproduce" section in my original comment with the requested information.

— Reply to this email directly, view it on GitHub https://github.com/kubernetes/ingress-nginx/issues/8208#issuecomment-1026995681, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABGZVWUAU7BWQSIFU2LOSS3UY76XRANCNFSM5NE2XLPA . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

You are receiving this because you were mentioned.Message ID: @.***>

k8s-triage-robot commented 2 years ago

The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

You can:

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

jtackaberry commented 2 years ago

/remove-lifecycle stale

k8s-triage-robot commented 1 year ago

The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

You can:

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

k8s-triage-robot commented 1 year ago

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

You can:

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle rotten

k8s-triage-robot commented 1 year ago

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.

This bot triages issues according to the following rules:

You can:

Please send feedback to sig-contributor-experience at kubernetes/community.

/close not-planned

k8s-ci-robot commented 1 year ago

@k8s-triage-robot: Closing this issue, marking it as "Not Planned".

In response to [this](https://github.com/kubernetes/ingress-nginx/issues/8208#issuecomment-1262715416): >The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs. > >This bot triages issues according to the following rules: >- After 90d of inactivity, `lifecycle/stale` is applied >- After 30d of inactivity since `lifecycle/stale` was applied, `lifecycle/rotten` is applied >- After 30d of inactivity since `lifecycle/rotten` was applied, the issue is closed > >You can: >- Reopen this issue with `/reopen` >- Mark this issue as fresh with `/remove-lifecycle rotten` >- Offer to help out with [Issue Triage][1] > >Please send feedback to sig-contributor-experience at [kubernetes/community](https://github.com/kubernetes/community). > >/close not-planned > >[1]: https://www.kubernetes.dev/docs/guide/issue-triage/ Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.