I have a couple of questions
When we make changes to ingress resource, are there any cases where we have to delete the resource and re-create it again or is kubectl apply -f <file_name>
sufficient?
When I add the host attribute without www i.e. (my-domain.in)
, I am not able to access my application but with www i.e. (www.my-domain.in)
it works, what's the difference?
Below is my ingress resource
When I have the host set to my-domain.in
, I am unable to access my application, but when i set the host to www.my-domain.in
I can access the application.
my domain is on a different provider and I have added CNAME (www) pointing to DNS name of my ALB.
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: eks-learning-ingress
namespace: production
annotations:
kubernetes.io/ingress.class: alb
alb.ingress.kubernetes.io/scheme: internet-facing
alb.ingress.kubernetes.io/certificate-arn: arn:aws:a982529496:cerd878ef678df
labels:
app: eks-learning-ingress
spec:
rules:
- host: my-domain.in **does not work**
http:
paths:
- path: /*
backend:
serviceName: eks-learning-service
servicePort: 80
First answering your question 1:
When we make changes to ingress resource, are there any cases where we have to delete the resource and re-create it again or is kubectl apply -f sufficient?
In theory, yes, the kubectl apply
is the correct way, either it will show ingress unchanged
or ingress configured
.
Other valid documented option is kubectl edit ingress INGRESS_NAME
which saves and apply at the end of the edition if the output is valid.
I said theory because bugs happen, so we can't fully discard it, but bug is the worst case scenario.
Now the blurrier question 2:
When I add the host attribute without www i.e. (my-domain.in), I am not able to access my application but with www i.e. (www.my-domain.in) it works, what's the difference?
To troubleshoot it we need to isolate the processes, like in a chain we have to find which link is broken. One by one:
Endpoint > Domain Provider> Cloud Provider > Ingress > Service > Pod.
Domain Provider:
To the Internet, who answers for my-domain.in
is your Domain Provider.
my-domain.in
and it's subdomains (like www.my-domain.in
or admin.my-domain.in
)? You said "domain is on a different provider and I have added CNAME (www) pointing to DNS name of my ALB."my-domain.in
and my-domain.in
being redirected to the ALB address instinctively?Cloud Provider:
Ok, the cloud provider is receiving the request correctly and distinctly.
Usually we would start the troubleshoot from this part, but since you mentioned it works with www.my-domain.in
, we can presume that your service, deployment and even ingress structure is working correctly.
You can check the Types of Ingress Docs to get a few examples of how it should work.
Bottom Line: I believe your DNS has a route for www.my-domain.in
but the root domain has no route to your cloud provider that's why it's only working when you are enabling the ingress for www.