Develop Reference

Need help on configuring Nginx ingress controller for hcloud-cloud-controller-manager

I'm trying to follow this suggestion to use Hetzner load balancer as a Nginx ingress controller.
helm install ingress-nginx with these configurations:
controller:
config:
use-proxy-protocol: "true"
replicaCount: 3
service:
type: LoadBalancer
annotations:
load-balancer.hetzner.cloud/name: nginx-controller-new
load-balancer.hetzner.cloud/location: hel1
load-balancer.hetzner.cloud/use-private-ip: true
load-balancer.hetzner.cloud/algorithm-type: least_connections
load-balancer.hetzner.cloud/uses-proxyprotocol: true
load-balancer.hetzner.cloud/hostname: somehost.com
Deployments:
apiVersion: apps/v1
kind: Deployment
metadata:
name: echo1
spec:
selector:
matchLabels:
app: echo1
replicas: 3
template:
metadata:
labels:
app: echo1
spec:
containers:
- name: echo1
image: hashicorp/http-echo
args:
- "-text=echo1"
ports:
- containerPort: 5678
---
apiVersion: v1
kind: Service
metadata:
name: echo-service
spec:
selector:
app: echo1
ports:
- name: http
protocol: TCP
port: 80
targetPort: 5678
ipFamilyPolicy: PreferDualStack
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nginx
spec:
ingressClassName: nginx
rules:
- http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: echo-service
port:
number: 80
host: somehost.com
After installation, a Hetzner load balancer is successfully provisioned, however, it isn't able to detect the services:
I'm at a loss here. How can I connect the echo1 app to the ingress-nginx-controller service? I check out all of the available helm values but I cannot find something like service.selector to target echo1's service and make it publicly available. Can someone help me? Are there any alternatives?

I am not the Kubernetes master (more a noob) but I got it working with a L4-loadbalancer.
An annotation has to be set to your Ingress:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.class: nginx
And to use it without nginx-ingress, that worked for me (not tested with your labels)
apiVersion: "apps/v1"
kind: "Deployment"
metadata:
name: "nginx-hello-world"
labels:
app: "hello-world"
spec:
selector:
matchLabels:
app: "hello-world"
strategy:
type: "Recreate"
template:
metadata:
labels:
app: "hello-world"
spec:
containers:
- image: "rancher/hello-world"
name: "nginx-hello-world"
imagePullPolicy: "Always"
ports:
- containerPort: 80
name: "http"
Service
for HTTP (to test your deployment)
---
apiVersion: "v1"
kind: Service
metadata:
name: "nginx-hello-world"
labels:
app: "hello-world"
annotations:
load-balancer.hetzner.cloud/name: lb-development
load-balancer.hetzner.cloud/hostname: somehost.com
load-balancer.hetzner.cloud/protocol: http
load-balancer.hetzner.cloud/health-check-port: 10254
spec:
type: LoadBalancer
selector:
app: "hello-world"
ports:
- name: "http"
port: 80
targetPort: 80
for SSL
apiVersion: v1
kind: Service
metadata:
name: nginx-hello-world
labels:
app: hello-world
annotations:
load-balancer.hetzner.cloud/hostname: somehost.com
load-balancer.hetzner.cloud/http-certificates: managed-certificate-1-wildcard-somehost.com
load-balancer.hetzner.cloud/name: lb-development
load-balancer.hetzner.cloud/protocol: https
spec:
ports:
- name: https
nodePort: 32725
port: 443
protocol: TCP
targetPort: 80
selector:
app: hello-world
type: LoadBalancer

Unable to load CSS files when deploying to Kubernetes with Ngnix Ingress Controller

I am new to kubernetes. Please don't mind in answering this silly question.
I am deploying 2 micro-services each with different functionality to AKS cluster.
I was able see css files loading for microservice-1 but not for microservice-2.
When I deployed each microservice with Loadbalancer I was able to see the web applications without any errors. But when I was deploying with Ngnix Ingress controller I see errors.
Even if I use the same Ingress file for both microservices I got the errors for Ingress for microservices-2.
AKS Cluster I am deploying is of size 2 CPU's, 8 GB RAM and 16 GB internal memory. Image size is of around 500 MB.
I have used the following for ingress-ngnix
# Add the ingress-nginx repository
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
# Use Helm to deploy an NGINX ingress controller
helm install nginx-ingress ingress-nginx/ingress-nginx --namespace dev --set controller.replicaCount=1 --set controller.nodeSelector."beta\.kubernetes\.io/os"=linux --set defaultBackend.nodeSelector."beta\.kubernetes\.io/os"=linux --set controller.admissionWebhooks.patch.nodeSelector."beta\.kubernetes\.io/os"=linux
MICROSERVICE-1
apiVersion: v1
kind: Namespace
metadata:
name: dev
labels:
name: dev
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: microservice-1
namespace: dev
labels:
app: microservice-1
spec:
replicas: 1
selector:
matchLabels:
app: microservice-1
template:
metadata:
labels:
app: microservice-1
spec:
containers:
- name: microservice-1
image: microservice-1:f1
---
apiVersion: v1
kind: Service
metadata:
name: microservice-1-service
namespace: dev
spec:
selector:
app: microservice-1
ports:
- name: http
port: 5000
type: ClusterIP
MICROSERVICE-2
apiVersion: v1
kind: Namespace
metadata:
name: dev
labels:
name: dev
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: microservice-2
namespace: dev
labels:
app: microservice-2
spec:
replicas: 1
selector:
matchLabels:
app: microservice-2
template:
metadata:
labels:
app: microservice-2
spec:
containers:
- name: microservice-2
image: microservice-2:f1
---
apiVersion: v1
kind: Service
metadata:
name: microservice-2-service
namespace: dev
spec:
selector:
app: microservice-2
ports:
- name: http
port: 5001
type: ClusterIP
INGRESS FOR MICROSERVICE-1
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: microservice-1-ingress
namespace: dev
annotations:
ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- http:
paths:
- path: /
backend:
serviceName: microservice-1-service
servicePort: 5000
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: microservice-1-ingress-static
namespace: dev
annotations:
ingress.kubernetes.io/rewrite-target: /static
spec:
rules:
- http:
paths:
- path: /static
backend:
serviceName: microservice-1-service
servicePort: 5000
INGRESS FOR MICROSERVICE-2
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: microservice-2-ingress
namespace: dev
annotations:
ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- http:
paths:
- path: /app1
backend:
serviceName: microservice-2-service
servicePort: 5001
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: microservice-1-ingress-static
namespace: dev
annotations:
ingress.kubernetes.io/rewrite-target: /static
spec:
rules:
- http:
paths:
- path: /static
backend:
serviceName: microservice-2-service
servicePort: 5001

Service monitor issue in Prometheus operator

I have service and servicemonitor defined as below,
kind: Service
apiVersion: v1
metadata:
name: example-application
labels:
app: example-application
teamname: neon
spec:
selector:
app: example-application
ports:
- name: backend
port: 8080
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: example-application
namespace: monitoring
spec:
selector:
matchLabels:
app: example-application
endpoints:
- port: backend
path: /prometheus
namespaceSelector:
matchNames:
- testns
targetLabels:
- teamname
Pods are all available.I have tested the service.
But the Targets are showing as DOWN in Prometheus.Please let me know what I am missing.

I found the missing piece..I had to expose metrics in the application on that path..
So I followed this article https://medium.com/kubernetes-tutorials/simple-management-of-prometheus-monitoring-pipeline-with-the-prometheus-operator-b445da0e0d1a
For an example purpose, I used the same image given in this article as side car container for metrics in my deployment object as shown below,
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: example-application
spec:
replicas: 4
template:
metadata:
labels:
app: example-application
spec:
containers:
- name: example-application
image: nginx
ports:
- name: backend
containerPort: 80
- name: rpc-app-cont
image: supergiantkir/prometheus-test-app
ports:
- name: web
containerPort: 8081
Then added this port "web" to service monitor.
Now its working fine..

nginx ingress controller don't reach backend service?

I am currently trying to expose an kubernetes service via an ingress controller, but I cannot seem to so?
Who some odd reason does the host/path never resolve to the clusterIp and port that I want to use, eventhough this should have been resolved via my ingress controller and the ressource?...
apiVersion: v1
kind: Service
metadata:
name: hello-kubernetes
spec:
type: LoadBalancer
ports:
- port: 80
targetPort: 8080
selector:
app: hello-kubernetes
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: hello-kubernetes
spec:
replicas: 3
selector:
matchLabels:
app: hello-kubernetes
template:
metadata:
labels:
app: hello-kubernetes
spec:
containers:
- name: hello-kubernetes
image: paulbouwer/hello-kubernetes:1.5
ports:
- containerPort: 8080
---
apiVersion: v1
kind: ConfigMap
metadata:
name: nginx-ingress-controller-conf
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: nginx-ingress-controller
namespace: default
spec:
replicas: 1
revisionHistoryLimit: 3
template:
metadata:
labels:
app: nginx-ingress-lb
spec:
terminationGracePeriodSeconds: 60
serviceAccount: nginx
containers:
- name: nginx-ingress-controller
image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.9.0
imagePullPolicy: Always
readinessProbe:
httpGet:
path: /healthz
port: 10254
scheme: HTTP
livenessProbe:
httpGet:
path: /healthz
port: 10254
scheme: HTTP
initialDelaySeconds: 10
timeoutSeconds: 5
args:
- /nginx-ingress-controller
- --default-backend-service=$(POD_NAMESPACE)/default-backend-service
- --configmap=$(POD_NAMESPACE)/nginx-ingress-controller-conf
- --v=2
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
ports:
- name: http
containerPort: 80
- name: https
containerPort: 443
---
apiVersion: v1
kind: Service
metadata:
name: nginx-ingress
spec:
type: NodePort
ports:
- port: 80
targetPort: 80
name: http
- port: 443
targetPort: 443
name: https
selector:
app: nginx-ingress
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: nginx
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: nginx-role
rules:
- apiGroups:
- ""
resources:
- configmaps
- endpoints
- nodes
- pods
- secrets
verbs:
- list
- watch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- apiGroups:
- ""
resources:
- services
verbs:
- get
- list
- update
- watch
- apiGroups:
- extensions
resources:
- ingresses
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
- apiGroups:
- extensions
resources:
- ingresses/status
verbs:
- update
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: nginx-role
namespace: default
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: nginx-role
subjects:
- kind: ServiceAccount
name: nginx
namespace: default
---
#Ingress ressource
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: ingress-hello
spec:
rules:
- host: dev.hello.com
http:
paths:
- backend:
serviceName: hello-kubernetes
servicePort: 80
---
##Default backend
apiVersion: v1
kind: Service
metadata:
name: default-backend-service
labels:
app: default-backend
spec:
ports:
- port: 80
protocol: TCP
targetPort: 8080
selector:
app: default-backend
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: default-backend
labels:
app: default-http-backend
spec:
selector:
matchLabels:
app: default-backend
serviceName: default-backend-service
replicas: 2
template:
metadata:
labels:
app: default-backend
spec:
terminationGracePeriodSeconds: 60
containers:
- name: default-backend
image: gcr.io/google_containers/defaultbackend:1.0
livenessProbe:
httpGet:
path: /healthz
port: 8080
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 5
ports:
- containerPort: 8080
resources:
limits:
cpu: 10m
memory: 20Mi
requests:
cpu: 10m
memory: 20Mi
---
I tried to make an MVP - but for some reason I can't resolve the path dev.hello.com
I want to use that to tell the ingress which service I want to connect to... but for some reason this never resolves to an ip address - it does not seem to hit anything?
Why? Is this incorrectly setup?

The service for hello-kubernetes should not be of type LoadBalancer because you want the ingress to work as Loadbalancer. So change the service of hello-kubernetes to type ClusterIP.
apiVersion: v1
kind: Service
metadata:
name: hello-kubernetes
spec:
type: ClusterIP
ports:
- port: 80
targetPort: 8080
selector:
app: hello-kubernetes

It's hard to understand what you exactly wants. You should be more precise what you exactly wants.
1. Ingress with ClusterIP.
Like Arghya Sadhu wrote, as you are using Ingress you don't need to specify LoadBalancer.
2. Ingress with NodePort
Keep in mind that you can also use NodePort with Ingress. Good explenation and example can be found here.
3. Ingress YAML
As per official Kubernetes Docs minimal Ingress resources looks like:
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: test-ingress
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- http:
paths:
- path: /testpath
backend:
serviceName: test
servicePort: 80
In your Ingress I couldn't find spec.rules.http.paths.path.
4. IP of LoadBalancer
Also very important is where are you have your cluster. If you are using On-Prem like GKE, AWS, AZURE, etc. your LoadBalancer will automatically get externalIP which allow you to connect to your cluster from outside. However, if you are using local machine you will need to use MetalLB.
In addition, please take a look at kubernetes docs about Connect a Front End to a Back End Using a Service.
Also please check this tutorial, it might help you.

Running Kubernetes locally via Minikube always returns 304 not modified resource

I'm using an Nginx ingress controller to direct traffic to a specific service, although right now there is only one. The service points to a Node.js app, and the html returned from the server is always 304 not modified. Does anyone have any ideas as to how I can return 200 and prevent cache?
Here's my Ingress settings:
apiVersion: networking.k8s.io/v1beta1 # for versions before 1.14 use extensions/v1beta1
kind: Ingress
metadata:
name: kludge-ingress
namespace: kludge
annotations:
# use the shared ingress-nginx
kubernetes.io/ingress.class: "nginx"
spec:
rules:
- host: kludge.local
http:
paths:
- path: /
backend:
serviceName: kludge-front-end
servicePort: 80
Service:
apiVersion: v1
kind: Service
metadata:
name: kludge-front-end
namespace: kludge
spec:
type: NodePort
selector:
name: kludge-front-end
ports:
- name: http
protocol: TCP
nodePort: 30080
port: 80
targetPort: 3000
Deployment:
apiVersion: apps/v1
kind: Deployment
metadata:
name: kludge-front-end
namespace: kludge
spec:
replicas: 3
selector:
matchLabels:
name: kludge-front-end
template:
metadata:
namespace: kludge
labels:
name: kludge-front-end
spec:
containers:
- name: kludge-front-end
image: gibson445/kludge-front-end
ports:
- containerPort: 3000
imagePullPolicy: Never

There's a pretty good chance you'd actually want configuration-snippet to add the header Cache-Control.
Example:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: myingress
namespace: mynamespace
annotations:
nginx.ingress.kubernetes.io/configuration-snippet: |
add_header Cache-Control "max-age=0, no-cache, no-store, must-revalidate";