Open mvysny opened 1 year ago
The index.html page can be stored in the persistent storage as documented at https://microk8s.io/docs/addon-hostpath-storage
Very easy:
/var/snap/microk8s/common/default-storage/default-test-pvc-pvc-5178198a-3c89-406d-86e7-5bb369d1ca86
/var/snap/microk8s/common/default-storage/default-test-pvc-pvc-5178198a-3c89-406d-86e7-5bb369d1ca86/index.html
with the following contents:<html>
<head>
<title>Vaadin Shepherd at v-herd.eu</title>
</head>
<body>
<h1>Welcome to Vaadin Shepherd at v-herd.eu</h1>
<p><a href="https://github.com/mvysny/shepherd">Vaadin Shepherd</a> is a very simple way to have your
apps running in the cloud. It builds given git repos periodically and automatically
deploys them to a Kubernetes cluster. Serves as a homebrew "replacement" for Heroku,
to publish your own pet projects. Built with off-the-shelf tools: Kubernetes and Jenkins.</p>
<p>This particular Shepherd instance is running at <code>https://v-herd.eu</code>.</p>
<p>At the moment, this particular service is only available to Vaadin employees. If you'd like to host your app,
please reach out to <code>@mavi</code>
at <code>#v-herd</code> Vaadin Slack channel.</p>
</body>
</html>
Isn't working on v-herd.eu for some reason, I'm still getting a 404 not found page.
$ mkctl describe ingress ingress --namespace v-herd-eu-welcome-page
Name: ingress
Labels: <none>
Namespace: v-herd-eu-welcome-page
Address: 127.0.0.1
Ingress Class: public
Default backend: <default>
TLS:
v-herd-eu-ingress-tls terminates v-herd.eu
Rules:
Host Path Backends
---- ---- --------
v-herd.eu
/ service:80 (10.1.26.251:80)
Annotations: cert-manager.io/cluster-issuer: lets-encrypt
Events: <none>
looks okay, and curl 10.1.26.251
gives me the correct contents of the index.html
, which tells me that the service itself is working properly, so the problem must be in the ingress controller configuration.
The ingress logs of the nginx-ingress-microk8s-controller
DaemonSet reveal interesting fact:
89.166.50.132 - - [12/Apr/2023:11:41:21 +0000] "GET / HTTP/2.0" 404 146 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0" 17 0.001 [upstream-default-backend] [] 127.0.0.1:8181 146 0.001 404 146c3077006d3b1ac838f2ab9f454aae
So the request isn't routed to service:80
/10.1.26.251:80
as it should, but it instead goes to 127.0.0.1:8181
and returns a 404 page, as documented at the Ingress Default Backend documentation. That means that the rule does not take effect.
Could it be that this happens because the route is 'hijacked' by the certbot plugin somehow?
Curiously, the TLS: line is different for all other ingress rules:
v-herd-eu-ingress-tls terminates v-herd.eu
SNI routes v-herd.eu
.Let me try to define another welcome page routing mechanism, same rules but no mention of lets-encrypt.
Workaround could be to customize the default backend to render the welcome page: https://kubernetes.github.io/ingress-nginx/user-guide/custom-errors/
Important: the new error backend should return 404.
More information on Ingress/Nginx TLS:
Could this be a bug in microk8s? Search https://github.com/canonical/microk8s/issues ... but nothing sensible returned via https://github.com/canonical/microk8s/issues?q=is%3Aissue+cert-manager+exact+upstream-default-backend
Allow to customize a welcome page. Currently Shepherd simply shows 404 not found at https://v-herd.eu . A static index.html file is enough.