K
Q

Experiencing 502 errors when using ALB ingress with Nifi

1/10/2022

What I am trying to do: Setting up Nifi and try to accessing it via alb ingress with nifi's self signed certificate

What I am getting 502 Bad Gateway

nifi.properties (Sharing my nifi web properties)

# web properties #
nifi.web.http.host=
nifi.web.http.port=
nifi.web.http.network.interface.default=
nifi.web.https.host=
nifi.web.https.port=15443
nifi.web.https.network.interface.default=
nifi.web.jetty.working.directory=./work/jetty
nifi.web.jetty.threads=200
nifi.web.max.header.size=16 KB
nifi.web.proxy.host=uat.example.com
nifi.web.proxy.context.path=
nifi.web.max.content.size=
nifi.web.max.requests.per.second=30000
# nifi.web.request.timeout=60 secs
# nifi.web.request.ip.whitelist=
nifi.web.should.send.server.version=true

# Include or Exclude TLS Cipher Suites for HTTPS
nifi.web.https.ciphersuites.include=
nifi.web.https.ciphersuites.exclude=

Ingress.yaml 

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig":
      { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}'
    alb.ingress.kubernetes.io/certificate-arn: <CERTIFICATE-ARN>
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS": 443}]'
    alb.ingress.kubernetes.io/load-balancer-name: testing-alb
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/target-type: ip
    kubernetes.io/ingress.class: alb
  creationTimestamp: "2021-10-11T13:19:27Z"
  finalizers:
  - ingress.k8s.aws/resources
  generation: 23
  labels:
    app.kubernetes.io/component: alb
    app.kubernetes.io/environment: uat
    app.kubernetes.io/name: testing-alb
    app.kubernetes.io/version: "2.2"
  name: testing-alb
  namespace: uat
spec:
  rules:
  - http:
      paths:
      - backend:
          service:
            name: nifi
            port:
              number: 15443
        path: /nifi
        pathType: Prefix
      - backend:
          service:
            name: nifi-registry
            port:
              number: 19090
        path: /nifi-registry
        pathType: Prefix
  tls:
  - hosts:
    - uat.testing.example.com
status:
  loadBalancer:
    ingress:
    - hostname: <HOST-ARN>

Note:- When I disable the SSL authentication in nifi try to access the webUI through ingress I see this enter image description here

-- Manshu Sharma
apache-nifi
aws-application-load-balancer
kubernetes
kubernetes-ingress

Similar Questions

getaddrinfo: Temporary failure in name resolution kubernetes + coredns
Ingress Responses only with 200
Apply annotation upon creating an object through `kubectl`
Google managed SSL Certificates with Nginx Ingress
Prevent Spring Boot application closing until all current requests are finished

0 Answers