Nginx ingress returns 502 after POST with redirect

11/19/2019

My hosting provider is DigitalOcean. Main page (e.g. /) requires user to be authenticated. If user is not authenticated he is redirected to identity server. Once user enters credentials POST request is sent to application as last step of OAuth flow.

Application receives this request and handles it correctly. This fact was verified by logs produced by application. It performs redirect to main page https://ui.example.com (302 status code + some cookies).

User sees 502 error message issues by gateway.

Ingress configuration is very simple (and it works for GET requests):

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: rie-ui-ingress
  annotations:
    kubernetes.io/ingress.class: nginx
    cert-manager.io/issuer: "letsencrypt-prod"
spec:
  tls:
  - hosts:
    - ui.example.com
    secretName: rie-ui-prd-tls
  rules:
  - host: ui.example.com
    http:
      paths:
      - backend:
          serviceName: rie-ui-svc
          servicePort: 9000

I'm wondering what could be wrong with this configuration?

UPDATE 1 The following log message was found in log stream of Ingress controller:

2019/11/20 05:33:09 [error] 1465#1465: *813467 upstream sent too big header while reading response header from upstream, client: 10.131.18.136, server: ui.example.com, request: "POST /signin-oidc HTTP/2.0", upstream: "http://10.244.1.228:9000/signin-oidc", host: "ui.example.com"

I have impression that this is something to fix with Nginx controller ingress settings?

ANSWER:

After studying documentation the following changes where made to Ingress definition:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: rie-ui-ingress
  annotations:
    ...
    nginx.ingress.kubernetes.io/proxy-buffer-size: "64k"
    nginx.ingress.kubernetes.io/proxy-buffers-number: "8"

These settings increase buffer sizes. More details can be found on the following page.

-- Andrey Solonoy
kubernetes-ingress

0 Answers