We are running several services in a Kubernetes cluster on GKE (Google Kubernetes Engine) and are having trouble configuring routing with Ingress.
Let's say that we have auth-service and user-service and would like to access them by the following URLs: http://www.example.com/auth and http://www.example.com/user. All requests to these URLs should be redirected to the correct services and routed internally (http://www.example.com/user/people -> http://user-service/people).
This is our configuration for the auth service:
apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: api-auth
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: api-auth
        tier: backend
        track: stable
    spec:
      containers:
        - name: api-auth
          image: "<our-image>"
          ports:
            - name: http
              containerPort: 9000
          livenessProbe:
            httpGet:
              path: /health
              port: 9000
            initialDelaySeconds: 180
            timeoutSeconds: 5
          readinessProbe:
            httpGet:
              path: /health
              port: 9000
            initialDelaySeconds: 180
            timeoutSeconds: 5
---
kind: Service
apiVersion: v1
metadata:
  name: auth-service
  labels:
    app: api-auth
spec:
  type: NodePort
  selector:
    app: api-auth
    tier: backend
  ports:
    - port: 80
      targetPort: 9000
Internally, the service is running on Tomcat on port 9000; this part is working fine.
The problem is with our Ingress configuration:
kind: Ingress
apiVersion: extensions/v1beta1
metadata:
  name: auth-ingress
  annotations:
    kubernetes.io/ingress.global-static-ip-name: <our-static-api>
    kubernetes.io/ingress.class: "gce"
  labels:
    app: api-auth
spec:
  rules:
    - http:
        paths:
          - path: /auth
            backend:
              serviceName: auth-service
              servicePort: 80
          - path: /auth/*
            backend:
              serviceName: auth-service
              servicePort: 80
          - path: /user
            backend:
              serviceName: user-service
              servicePort: 80
          - path: /user/*
            backend:
              serviceName: user-service
              servicePort: 80
Whenever I access our static api (let's call it example.com for now) in the following way: http://www.example.com/auth, I am getting 502 - Bad gateway. Running kubectl describe ingress says that our services' health is unknown.
I am running out of ideas what might be causing this strange behavior. Could someone point me in the right direction?
You mentioned on Slack the services are Spring Boot apps. It's probably not related to that, but you need to make sure the ingress path matches the context of your Spring Boot app, i.e. if your ingress path is /user, your app context must be configured with server.context-path=/user. The service would then be reachable under http://user-service/user.
Your health check will reflect your readiness probes. The health check needs to use your nodePort port because the request is coming from a Load Balancer. If your health check is targeting port 9000, the request will not get through because that port on the node is not active.
Make sure your LB health check is targeting the correct port (in the 30000 range) and that the target path will respond with 200, otherwise your health checks will continue to fail and you will continue to get 502 errors.
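The two conditions from the answer above (the health check port must be the Service's nodePort, and the health check path must be the one the readiness probe uses), written as an added example that is not part of the original thread. The objects mirror the question's manifests; the nodePort 31234, both health-check dicts and the helper name `check_lb_health` are constructed for illustration.

```python
# Added example: constructed objects mirroring the question's manifests.
# nodePort 31234 and the health-check dicts below are made-up sample values.
SERVICE = {
    "metadata": {"name": "auth-service"},
    "spec": {
        "type": "NodePort",
        "selector": {"app": "api-auth", "tier": "backend"},
        "ports": [{"port": 80, "targetPort": 9000, "nodePort": 31234}],
    },
}
POD_TEMPLATE = {
    "metadata": {"labels": {"app": "api-auth", "tier": "backend", "track": "stable"}},
    "spec": {"containers": [{
        "name": "api-auth",
        "ports": [{"name": "http", "containerPort": 9000}],
        "readinessProbe": {"httpGet": {"path": "/health", "port": 9000}},
    }]},
}

def check_lb_health(service, pod_template, health_check, service_port=80):
    """Return a list of reasons the LB health check cannot succeed."""
    findings = []
    spec = service["spec"]
    if spec.get("type") != "NodePort":
        findings.append("service is not of type NodePort")
    labels = pod_template["metadata"]["labels"]
    if any(labels.get(k) != v for k, v in spec["selector"].items()):
        findings.append("service selector does not match the pod labels")
    port = next((p for p in spec["ports"] if p["port"] == service_port), None)
    if port is None:
        return findings + [f"service exposes no port {service_port}"]
    # The load balancer reaches the node, so it must probe the nodePort.
    if health_check["port"] != port.get("nodePort"):
        findings.append(
            f"health check targets port {health_check['port']}, "
            f"expected nodePort {port.get('nodePort')}")
    # Find the container behind targetPort and compare probe paths.
    for c in pod_template["spec"]["containers"]:
        if any(p["containerPort"] == port["targetPort"] for p in c.get("ports", [])):
            probe = c.get("readinessProbe", {}).get("httpGet", {})
            if probe.get("path") != health_check["path"]:
                findings.append(
                    f"health check path {health_check['path']!r} differs from "
                    f"readiness probe path {probe.get('path')!r}")
    return findings

if __name__ == "__main__":
    for hc in ({"port": 9000, "path": "/"}, {"port": 31234, "path": "/health"}):
        print(hc, "->", check_lb_health(SERVICE, POD_TEMPLATE, hc) or "ok")
```

On a live cluster the nodePort comes from the Service object itself rather than the manifest, since the manifest in the question leaves it for Kubernetes to assign.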