https://pulumi.com logo
Powered by
Title
i

important-football-6131

02/26/2023, 8:14 PM
anyone had any luck making ingress work with kubernetes in pulumi?
b

billowy-army-68599

02/26/2023, 9:43 PM
should be straightforward, what’s the problem?
i

important-football-6131

02/26/2023, 9:44 PM
ive tried this
https://www.pulumi.com/registry/packages/kubernetes-ingress-nginx/
and
https://github.com/pulumi/pulumi-kubernetes-ingress-nginx/blob/master/examples/simple-nginx-ts/index.ts
both not working
i’m getting 404
b

billowy-army-68599

02/26/2023, 10:03 PM
tell me more about your environment? Where is your Kubernetes clusters? How are you trying to access the ingress (ie, the address)
how is DNS configured?
i

important-football-6131

02/26/2023, 10:10 PM
i have installed kubernetes with managed nodes on aws
than used that code for ingress
which ive sen it did create a classic load balancer
but if i copy the load balancer address
and now paste it int he browser its giving me 404
the internal networking works in kubernetes
but then I cannot expose the traffic
const deployment = new k8s.apps.v1.Deployment(
    appName,
    {
      metadata: { name: appName },
      spec: {
        selector: {
          matchLabels: { app: appName }
        },
        replicas: 1,
        template: {
          metadata: {
            labels: { app: appName }
          },
          spec: {
            containers: [
              {
                resources: {
                  limits: {
                    memory: '128Mi',
                    cpu: '100m'
                  },
                  requests: {
                    memory: '64Mi',
                    cpu: '100m'
                  }
                },
                name: appName,
                image: appImage.imageUri,
                ports: [{ containerPort: 8080 }],
                env: []
              }
            ]
          }
        }
      }
    },
    { provider: eksCluster.provider }
  ) 
  const service = new k8s.core.v1.Service(
    `${appName}-svc`,
    {
      metadata: {
        name: appName,
        labels: deployment.metadata.labels
      },
      spec: {
        type: 'ClusterIP',

        ports: [{ port: 80, targetPort: 8080 }],
        selector: { app: appName }
      }
    },
    {
      provider: eksCluster.provider
    }
  )
this is the service of one of my pods
and this is my ingress
const appIngress = new k8s.networking.v1.Ingress('opl-ingress', {
    metadata: {
      name: 'opl-k8s-ingress',
      annotations: {
        '<http://nginx.ingress.kubernetes.io/rewrite-target|nginx.ingress.kubernetes.io/rewrite-target>': '/',
        '<http://kubernetes.io/ingress.class|kubernetes.io/ingress.class>': 'nginx',

      }
    },
    spec: {
      rules: [
        {
          host: publicUrl,
              {
                backend: {
                  service: {
                    name: ClientAppName,
                    port: {
                      number: 80
                    }
                  }
                },
                path: '/',
                pathType: 'Prefix'
              }
            ]
          }
        }
      ]
    }
  })
b

billowy-army-68599

02/26/2023, 10:35 PM
but if i copy the load balancer address
That’s because the load balancer address doesn’t know where to your because you’re missing the host header. If you do: 
curl --header "Host: <ingress address>" <loadbalancer address>
It’ll likely work
i

important-football-6131

02/26/2023, 10:40 PM
could not resolve
but if i use the load balancer address it should redirect me to the service and get the content from the pod no?
b

billowy-army-68599

02/26/2023, 10:46 PM
but if i use the load balancer address it should redirect me to the service
Well, if you’ve pointed DNS to the service it should yeah. You need a DNS CNAME for your ingress address to direct you to the service
i

important-football-6131

02/26/2023, 10:46 PM
that what i did
ok thanks
i’ll try again
same issues
b

billowy-army-68599

02/27/2023, 4:26 PM
okay, need more information then I’d say
i

important-football-6131

02/27/2023, 7:17 PM
I see
you have done a demo for this
https://github.com/jaxxstorm/pulumi-nginx-demo/blob/main/infra/index.ts
b

billowy-army-68599

02/27/2023, 7:17 PM
yeah you can definitely get this working
i

important-football-6131

02/27/2023, 7:17 PM
i might have missed the tagging for the subnets
b

billowy-army-68599

02/27/2023, 7:18 PM
if you do 
kubectl get svc --all-namespaces
what do you get back?
i

important-football-6131

02/27/2023, 7:18 PM
a few services
any you are interested in?
default        kubernetes                                                ClusterIP      172.20.0.1       <none>                                                                    443/TCP                                                  46h
default        myctrl-helm-94b738ff-ingress-nginx-controller             LoadBalancer   172.20.28.30     <http://a60da7f31b9864e568bf8d320040c55e-1877713466.eu-west-2.elb.amazonaws.com|a60da7f31b9864e568bf8d320040c55e-1877713466.eu-west-2.elb.amazonaws.com>   80:30575/TCP,443:31871/TCP                               26h
default        myctrl-helm-94b738ff-ingress-nginx-controller-admission   ClusterIP      172.20.1.216     <none>                                                                    443/TCP                                                  26h
b

billowy-army-68599

02/27/2023, 7:25 PM
okay so you have a valid loadbalancer, that’s throwing the 404 can you show me your ingress?
i

important-football-6131

02/27/2023, 7:26 PM
const ctrl = new nginx.IngressController('myctrl', {
    controller: {
      publishService: {
        enabled: true
      }
    }
  })

  // Next, expose the app using an Ingress.
  const appIngress = new k8s.networking.v1.Ingress('opl-ingress', {
    metadata: {
      name: 'opl-k8s-ingress',
      annotations: {
        '<http://nginx.ingress.kubernetes.io/rewrite-target|nginx.ingress.kubernetes.io/rewrite-target>': '/',
        '<http://kubernetes.io/ingress.class|kubernetes.io/ingress.class>': 'nginx'

      }
    },
    spec: {
      rules: [
        {
          host: publicUrl,
          http: {
            paths: [
              {
                backend: {
                  service: {
                    name: ClientAppName,
                    port: {
                      number: 80
                    }
                  }
                },
                path: '/',
                pathType: 'Prefix'
              }
            ]
          }
        }
      ]
    }
b

billowy-army-68599

02/27/2023, 7:28 PM
what does it look like on the cluster? 
kubectl get ing
on the namespace it’s installed into
i

important-football-6131

02/27/2023, 7:31 PM
opl-k8s-ingress   <none>   <http://ourplacelettings.aengz.com|ourplacelettings.aengz.com>   <http://a60da7f31b9864e568bf8d320040c55e-1877713466.eu-west-2.elb.amazonaws.com|a60da7f31b9864e568bf8d320040c55e-1877713466.eu-west-2.elb.amazonaws.com>   80      46h
b

billowy-army-68599

02/27/2023, 7:32 PM
okay, that looks correct?
i

important-football-6131

02/27/2023, 7:32 PM
yes seems like
b

billowy-army-68599

02/27/2023, 7:32 PM
it’s returning a 200?
so you’re hitting the pod
i

important-football-6131

02/27/2023, 7:33 PM
umm not sure where to see that acutally
b

billowy-army-68599

02/27/2023, 7:33 PM
curl -vvv <http://ourplacelettings.aengz.com|ourplacelettings.aengz.com>
i

important-football-6131

02/27/2023, 7:34 PM
yes
that works
i get 200
b

billowy-army-68599

02/27/2023, 7:34 PM
so everything seems to be working? what’s the issue?
i

important-football-6131

02/27/2023, 7:35 PM
if i put ourplacelettings.aengz.com in the browser
b

billowy-army-68599

02/27/2023, 7:36 PM
that’s an issue with the application itself in the pod, not an infrastructure issue
I can see some HTML returned by curl
i

important-football-6131

02/27/2023, 7:37 PM
this is odd
i was getting 404
till a few hours ago an i have not changed anything
anyway
many thanks for your help
b

billowy-army-68599

02/27/2023, 7:38 PM
it was likely DNS 🙂
i

important-football-6131

02/27/2023, 7:39 PM
ah i see
#typescriptJoin Slack
Powered by