K
Q

Ingress doesn't redirect to my service after AppID on IKS

6/20/2019

I have an IKS cluster with AppID tied to it. I have a problem with redirecting an NodeJS app with the ingress. All other apps works with both AppID and ingress, but this one gives 500 Internal Server error when redirecting back from AppID. The service works fine when used as a NodePort and accessed on the server address and that nodePort.

When describing the ingress I'm only getting successful results back

Events:
  Type    Reason   Age    From                                                             Message
  ----    ------   ----   ----                                                             -------
  Normal  Success  58m    public-cr9c603a564cff4a27adb020dd40ceb65e-alb1-59fb8fc894-s59nd  Successfully applied ingress resource.

My ingress looks like:

apiVersion: v1
items:
- apiVersion: extensions/v1beta1
  kind: Ingress
  metadata:
    annotations:
      ingress.bluemix.net/appid-auth: bindSecret=binding-raven3-app-id namespace=default
        requestType=web serviceName=r3-ui
      ingress.bluemix.net/rewrite-path: serviceName=r3-ui rewrite=/;
      kubectl.kubernetes.io/last-applied-configuration: |
        {"apiVersion":"extensions/v1beta1","kind":"Ingress","metadata":{"annotations":{"ingress.bluemix.net/appid-auth":"bindSecret=binding-raven3-app-id namespace=default requestType=api serviceName=r3-ui [idToken=false]"},"name":"myingress","namespace":"default"},"spec":{"rules":[{"host":"*host*","http":{"paths":[{"backend":{"serviceName":"r3-ui","servicePort":3000},"path":"/"}]}}],"tls":[{"hosts":["mydomain"],"secretName":"mytlssecret"}]}}
    creationTimestamp: "2019-06-20T10:31:57Z"
    generation: 21
    name: myingress
    namespace: default
    resourceVersion: "24140"
    selfLink: /apis/extensions/v1beta1/namespaces/default/ingresses/myingress
    uid: a15f74aa-9346-11e9-a9bf-f63d33811ba6
  spec:
    rules:
    - host: *host*
      http:
        paths:
        - backend:
            serviceName: r3-ui
            servicePort: 3000
          path: /
    tls:
    - hosts:
      - *host*
      secretName: raven3
  status:
    loadBalancer:
      ingress:
      - ip: 169.51.71.141
kind: List
metadata:
  resourceVersion: ""
  selfLink: ""

and my service looks like:

apiVersion: v1
kind: Service
metadata:
  creationTimestamp: "2019-06-20T09:25:30Z"
  labels:
    app: r3-ui
    chart: r3-ui-0.1.0
    heritage: Tiller
    release: r3-ui
  name: r3-ui
  namespace: default
  resourceVersion: "23940"
  selfLink: /api/v1/namespaces/default/services/r3-ui
  uid: 58ff6604-933d-11e9-a9bf-f63d33811ba6
spec:
  clusterIP: 172.21.180.240
  ports:
  - name: http
    port: 3000
    protocol: TCP
    targetPort: http
  selector:
    app: r3-ui
    release: r3-ui
  sessionAffinity: None
  type: ClusterIP
status:

What's weird is that I'm getting different results on port 80 and on port 443. On port 80 I'm getting HTTP error 500 and on port 443 I'm getting Invalid Host header

-- t3ng1l
ibm-appid
ibm-cloud
kubernetes-ingress

Similar Questions

How to detect which pod makes network request in k8s?
Write to Secret file in pod
Corda RPC connection on Kubernetes
Helm: variables in values.yaml

1 Answer

6/21/2019

Are you using https in order to access your application? For security reasons, App ID authentication only supports back ends with TLS/SSL enabled.

If you are using SSL and still having troubles, can you kindly share your Ingress and application logs so we can figure out what went wrong?

Thanks.

-- Tal Aviel
Source: StackOverflow