Develop Reference

Kubernetes Ingress path rewrite dosen't work as expected

I have an ingress, defined as the following:
Name: online-ingress
Namespace: default
Address:
Default backend: default-http-backend:80 (<error: endpoints "default-http-backend" not found>)
Rules:
Host Path Backends
---- ---- --------
jj.cloud.com
/online/(.*) online:80 (172.16.1.66:5001)
/userOnline online:80 (172.16.1.66:5001)
Annotations: nginx.ingress.kubernetes.io/rewrite-target: /$1
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal AddedOrUpdated 29m (x4 over 74m) nginx-ingress-controller Configuration for default/online-ingress was added or updated
If I test it with no rewrite, it's ok.
curl -X POST jj.cloud.com:31235/userOnline -H 'Content-Type: application/json' -d '{"url":"baidu.com","users":["ua"]}'
OK
However, if I try to use rewrite, it will fail.
curl -X POST jj.cloud.com:31235/online/userOnline -H 'Content-Type: application/json' -d '{"url":"baidu.com","users":["ua"]}'
<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.21.3</center>
</body>
</html>
And it will produce the following error logs:
2021/11/03 10:21:25 [error] 134#134: *63 open() "/etc/nginx/html/online/userOnline" failed (2: No such file or directory), client: 172.16.0.0, server: jj.cloud.com, request: "POST /online/userOnline HTTP/1.1", host: "jj.cloud.com:31235"
172.16.0.0 - - [03/Nov/2021:10:21:25 +0000] "POST /online/userOnline HTTP/1.1" 404 153 "-" "curl/7.29.0" "-"
Why the path /online/userOnline doesn't match /online/(.*) and rewrite it to /userOnline? Or are there some other errors?
Here is the yaml:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: online-ingress
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /$2
spec:
rules:
- host: jj.cloud.com
http:
paths:
- path: /online(/|$)/(.*)
pathType: Prefix
backend:
service:
name: online
port:
number: 80
- path: /userOnline
pathType: Prefix
backend:
service:
name: online
port:
number: 80
ingressClassName: nginx
When I checked the generated nginx config, I found (default-online-ingress.conf):
location /online(/|$)/(.*) {
It seems lost of the modifier for regex match, like this:
location ~* "^/online(/|$)/(.*)" {
If it's true, how to make rewrite take effect and generate correct nginx config?

If I understood your issue correctly, you have a problem with captured groups.
According to Nginx Rewrite targets it seems to me,
your patch should be path: /online(/|$)(.*)
your rewrite-target: should be rewrite-target: /$2
in addition, if you use nginx ingress, I believe you should specify that in annotation section as kubernetes.io/ingress.class: nginx
yaml:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: online-ingress
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/rewrite-target: /$2
spec:
rules:
- host: jj.cloud.com
http:
paths:
- path: /online(/|$)(.*)
pathType: Prefix
backend:
service:
name: online
port:
number: 80
- path: /userOnline
pathType: Prefix
backend:
service:
name: online
port:
number: 80
ingressClassName: inner-nginx

Ingress-nginx-controller on GKE is returning status 302 ERR_TOO_MANY_REDIRECTS after installing Eclipse che

I am getting 302 ERR_TOO_MANY_REDIRECTS when requesting che-dashboard on the generated URL by the helm.
I have installed Eclipse che using the following link:
https://www.eclipse.org/che/docs/che-7/installation-guide/installing-che-on-google-cloud-platform/
This installs multiple services like che-dashboard, keycloak, plugin-registry, etc.
Out of these only che dashboard is returning 302 ERR_TOO_MANY_REDIRECTS, rest of the URLs are working fine.
che-dashboard service is returning 200 Ok but ingress-nginx-controller is returning 302 redirect. PFB the logs and yaml files.
che-dashboard service logs:
2021-06-21 15:06:05.531 IST10.112.3.1 - - [21/Jun/2021:09:36:05 +0000] "GET /dashboard/ HTTP/1.1" 200 696
Info
2021-06-21 15:06:08.233 IST10.112.3.1 - - [21/Jun/2021:09:36:08 +0000] "GET /dashboard/ HTTP/1.1" 200 696
Info
2021-06-21 15:06:15.532 IST10.112.3.1 - - [21/Jun/2021:09:36:15 +0000] "GET /dashboard/ HTTP/1.1" 200 696
Info
2021-06-21 15:06:18.233 IST10.112.3.1 - - [21/Jun/2021:09:36:18 +0000] "GET /dashboard/ HTTP/1.1" 200 696
Info
2021-06-21 15:06:25.531 IST10.112.3.1 - - [21/Jun/2021:09:36:25 +0000] "GET /dashboard/ HTTP/1.1" 200 696
Info
2021-06-21 15:06:28.233 IST10.112.3.1 - - [21/Jun/2021:09:36:28 +0000] "GET /dashboard/ HTTP/1.1" 200 696
che-dashboard YAML:
apiVersion: v1
kind: Service
metadata:
annotations:
meta.helm.sh/release-name: che
meta.helm.sh/release-namespace: eclipse-che
creationTimestamp: "2021-06-07T17:57:40Z"
labels:
app: che
app.kubernetes.io/managed-by: Helm
component: che-dashboard
managedFields:
- apiVersion: v1
fieldsType: FieldsV1
fieldsV1:
f:metadata:
f:annotations:
.: {}
f:meta.helm.sh/release-name: {}
f:meta.helm.sh/release-namespace: {}
f:labels:
.: {}
f:app: {}
f:app.kubernetes.io/managed-by: {}
f:component: {}
f:spec:
f:ports:
.: {}
k:{"port":8080,"protocol":"TCP"}:
.: {}
f:name: {}
f:port: {}
f:protocol: {}
f:targetPort: {}
f:selector:
.: {}
f:app: {}
f:component: {}
f:sessionAffinity: {}
f:type: {}
manager: Go-http-client
operation: Update
time: "2021-06-07T17:57:40Z"
- apiVersion: v1
fieldsType: FieldsV1
fieldsV1:
f:spec:
f:ports:
k:{"port":443,"protocol":"TCP"}:
.: {}
f:name: {}
f:port: {}
f:protocol: {}
f:targetPort: {}
manager: GoogleCloudConsole
operation: Update
time: "2021-06-13T04:44:42Z"
name: che-dashboard
namespace: eclipse-che
resourceVersion: "6305578"
selfLink: /api/v1/namespaces/eclipse-che/services/che-dashboard
uid: cf8c6e75-1153-43db-b7f2-678f6bb927b9
spec:
clusterIP: 10.115.242.109
ports:
- name: http
port: 8080
protocol: TCP
targetPort: 8080
- name: https
port: 443
protocol: TCP
targetPort: 443
selector:
app: che
component: che-dashboard
sessionAffinity: None
type: ClusterIP
status:
loadBalancer: {}
ingress-nginx-controller logs:
2021-06-21 13:47:18.499 IST171.61.57.210 - - [21/Jun/2021:08:17:18 +0000] "GET /dashboard/ HTTP/2.0" 302 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 22 0.001 [eclipse-che-che-host-8080] [] 10.112.4.3:8080 0 0.001 302 e9ffe655a67304f9a34ad623f1b2cfb1
Info
2021-06-21 13:47:18.707 IST171.61.57.210 - - [21/Jun/2021:08:17:18 +0000] "GET /dashboard/ HTTP/2.0" 302 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 22 0.001 [eclipse-che-che-host-8080] [] 10.112.4.3:8080 0 0.001 302 db12deeebd652964501ed94de4f8804b
Info
2021-06-21 13:47:18.911 IST171.61.57.210 - - [21/Jun/2021:08:17:18 +0000] "GET /dashboard/ HTTP/2.0" 302 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36" 22 0.001 [eclipse-che-che-host-8080] [] 10.112.4.3:8080 0 0.000 302 af3de97363a4912f8e1f24f0bbd51913
ingress-nginx-controller YAML
apiVersion: v1
kind: Service
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"labels":{"app.kubernetes.io/component":"controller","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/managed-by":"Helm","app.kubernetes.io/name":"ingress-nginx","app.kubernetes.io/version":"0.41.0","helm.sh/chart":"ingress-nginx-3.8.0"},"name":"ingress-nginx-controller","namespace":"ingress-nginx"},"spec":{"externalTrafficPolicy":"Local","ports":[{"name":"http","port":80,"protocol":"TCP","targetPort":"http"},{"name":"https","port":443,"protocol":"TCP","targetPort":"https"}],"selector":{"app.kubernetes.io/component":"controller","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx"},"type":"LoadBalancer"}}
creationTimestamp: "2021-06-02T08:12:38Z"
finalizers:
- service.kubernetes.io/load-balancer-cleanup
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/version: 0.41.0
helm.sh/chart: ingress-nginx-3.8.0
managedFields:
- apiVersion: v1
fieldsType: FieldsV1
fieldsV1:
f:metadata:
f:annotations:
.: {}
f:kubectl.kubernetes.io/last-applied-configuration: {}
f:labels:
.: {}
f:app.kubernetes.io/component: {}
f:app.kubernetes.io/instance: {}
f:app.kubernetes.io/managed-by: {}
f:app.kubernetes.io/name: {}
f:app.kubernetes.io/version: {}
f:helm.sh/chart: {}
f:spec:
f:externalTrafficPolicy: {}
f:ports:
.: {}
k:{"port":80,"protocol":"TCP"}:
.: {}
f:name: {}
f:port: {}
f:protocol: {}
f:targetPort: {}
k:{"port":443,"protocol":"TCP"}:
.: {}
f:name: {}
f:port: {}
f:protocol: {}
f:targetPort: {}
f:selector:
.: {}
f:app.kubernetes.io/component: {}
f:app.kubernetes.io/instance: {}
f:app.kubernetes.io/name: {}
f:sessionAffinity: {}
f:type: {}
manager: kubectl-client-side-apply
operation: Update
time: "2021-06-02T08:12:38Z"
- apiVersion: v1
fieldsType: FieldsV1
fieldsV1:
f:metadata:
f:finalizers:
.: {}
v:"service.kubernetes.io/load-balancer-cleanup": {}
f:status:
f:loadBalancer:
f:ingress: {}
manager: kube-controller-manager
operation: Update
time: "2021-06-02T08:13:27Z"
name: ingress-nginx-controller
namespace: ingress-nginx
resourceVersion: "3164"
selfLink: /api/v1/namespaces/ingress-nginx/services/ingress-nginx-controller
uid: 17eb1fd5-fbbc-40aa-a0c9-d1020f21e635
spec:
clusterIP: 10.115.245.45
externalTrafficPolicy: Local
healthCheckNodePort: 31646
ports:
- name: http
nodePort: 30508
port: 80
protocol: TCP
targetPort: http
- name: https
nodePort: 31341
port: 443
protocol: TCP
targetPort: https
selector:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/name: ingress-nginx
sessionAffinity: None
type: LoadBalancer
status:
loadBalancer:
ingress:
- ip: 34.76.122.126
I can provide more details if needed. Thanks in advance

it seems to be issue which is already fixed in the latest version https://github.com/eclipse/che/issues/19914
The fix is fixing Ingress path from /dashboard/* to /dashboard/. See https://github.com/eclipse-che/che-server/pull/20
I'm not sure about ingress controller you need, the above is for nginx, you may need to configure your value if you have a different ingress controller.
Let us know if it does not work for you.

Nginx rewrite doesn't work with typical extensions

I have a nginx rewrite location conf like this
location /playernew {
error_log /home/heyka/rewrite-error.log debug;
if ($request_filename ~ /playernew/([A-Za-z0-9_-]+)/(.+)){
rewrite /playernew/([A-Za-z0-9_-]+)/(.+) /playernew/$2 break;
}
For e.g. url .com/playernew/wydra/assets/css/style.csss works. Notice .csss extension.
And in log I have:
2019/09/09 17:35:41 [notice] 28519#0: *103 "/playernew/([A-Za-z0-9_-]+)/(.+)" matches "/home/website/www/playernew/wydra/assets/css/style.csss", client: ip, server: nocache.website.com, request: "GET /playernew/wydra/assets/css/style.csss HTTP/1.1", host: "nocache.website.com"
2019/09/09 17:35:41 [notice] 28519#0: *103 "/playernew/([A-Za-z0-9_-]+)/(.+)" matches "/playernew/wydra/assets/css/style.csss", client: ip, server: nocache.website.com, request: "GET /playernew/wydra/assets/css/style.csss HTTP/1.1", host: "nocache.website.com"
2019/09/09 17:35:41 [notice] 28519#0: *103 rewritten data: "/playernew/assets/css/style.csss", args: "", client: ip, server: nocache.website.com, request: "GET /playernew/wydra/assets/css/style.csss HTTP/1.1", host: "nocache.website.com"
2019/09/09 17:35:41 [error] 28519#0: *103 open() "/home/website/www/playernew/assets/css/style.csss" failed (2: No such file or directory), client: ip, server: nocache.website.com, request: "GET /playernew/wydra/assets/css/style.csss HTTP/1.1", host: "nocache.website.com"
But...
When I hit the .com/playernew/wydra/assets/css/style.css. Notice .css... Doesn't work completly. Nothing in logs. Nothing. Like rewrite command never existed.
Even with config like...
location /playernew {
error_log /home/arek/rewrite-error.log debug;
rewrite style.css / break;
the same :/
Why? What is going on?
Why .csss works but .css doesn't. And the same with other regular extensions.
Again -> hitting /playernew/wydra/setup/index.phpp generates log and rewrite works.
But hitting /playernew/wydra/setup/index.php... no log + doesn't work.
For me it has problem with any typical extension

k8s ngnix container return json response

I have a k8s cluster, among other things running an nginx.
when I do curl -v <url> I get
HTTP/1.1 200 OK
< Content-Type: text/html
< Date: Fri, 24 Mar 2017 15:25:27 GMT
< Server: nginx
< Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
< Content-Length: 0
< Connection: keep-alive
<
* Curl_http_done: called premature == 0
* Connection #0 to host <url> left intact
however when I do curl -v <url> -H 'Accept: application/json' I get
< HTTP/1.1 200 OK
< Content-Type: text/html
< Date: Fri, 24 Mar 2017 15:26:10 GMT
< Server: nginx
< Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
< Content-Length: 0
< Connection: keep-alive
<
* Curl_http_done: called premature == 0
* Connection #0 to host <url> left intact
* Could not resolve host: application
* Closing connection 1
curl: (6) Could not resolve host: application
My task is to get the request to return a json not html.
To my understanding I have to create an ingress-controller and modify the ngnix.conf somehow, I've been trying for a few days now but can't get it right. Any kind of help would be most appreciated.
The following are of the yaml files I've been using:
configmap:
apiVersion: v1
data:
server-tokens: "false"
proxy-body-size: "4110m"
server-name-hash-bucket-size: "128"
kind: ConfigMap
metadata:
name: nginx-load-balancer-conf
labels:
app: nginx-ingress-lb
daemonset:
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: nginx-ingress-lb
labels:
app: nginx-ingress-lb
spec:
template:
metadata:
labels:
name: nginx-ingress-lb
app: nginx-ingress-lb
spec:
terminationGracePeriodSeconds: 60
nodeSelector:
NodeType: worker
containers:
- image: gcr.io/google_containers/nginx-ingress-controller:0.9.0-beta.1
name: nginx-ingress-lb
imagePullPolicy: Always
readinessProbe:
httpGet:
path: /healthz
port: 10254
scheme: HTTP
livenessProbe:
httpGet:
path: /healthz
port: 10254
scheme: HTTP
initialDelaySeconds: 10
timeoutSeconds: 1
# use downward API
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
ports:
- containerPort: 80
hostPort: 80
- containerPort: 443
hostPort: 443
args:
- /nginx-ingress-controller
- --default-backend-service=$(POD_NAMESPACE)/default-http-backend
- --configmap=$(POD_NAMESPACE)/nginx-load-balancer-conf
deployment:
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: default-http-backend
labels:
app: default-http-backend
spec:
replicas: 2
template:
metadata:
labels:
app: default-http-backend
spec:
terminationGracePeriodSeconds: 60
containers:
- name: default-http-backend
# Any image is permissable as long as:
# 1. It serves a 404 page at /
# 2. It serves 200 on a /healthz endpoint
image: gcr.io/google_containers/defaultbackend:1.2
livenessProbe:
httpGet:
path: /healthz
port: 8080
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 5
ports:
- containerPort: 8080
resources:
limits:
cpu: 100m
memory: 20Mi
requests:
cpu: 100m
memory: 20Mi
service:
apiVersion: v1
kind: Service
metadata:
name: default-http-backend
labels:
app: default-http-backend
spec:
selector:
app: default-http-backend
ports:
- port: 80
targetPort: 8080

Remove the space after colon in curl -v <url> -H 'Accept: application/json'
The error message Could not resolve host: application means that it's taking application/json as the URL, instead of a header.

There are two things:
Exposing your app
Making your app return json
The ingess is only relevant to expose your app. And that is not the only option, you can use service (type Load balancer, for example) to achieve that too on most cloud providers. So, I'd keep it simple and not use ingress for now, until you solve the second problem.
As it has been explained, your curl has a syntax problem and that's why it shows curl: (6) Could not resolve host: application.
The other thing is fixing that won't make your app return json. And this is because you are only saying you accept json with that header. But if you want your app to return json, then you need to write it on your app. nginx can't guess how you want to map your HTML to json. There is much no other way than writting it, at least that I know of :-/

nginx as a docker upstream proxy with maps

Trying to use docker to setup a bunch of apps behind a proxy using the nginx maps option for ease of configuration with a large number of backend applications.
The trouble I'm running into is the container won't resolve the addresses that I've given it with links.
I've tried using dnsmasq but that was troublesome, and didn't give me a working resolution.
Any suggestions?
nginx.conf:
events {
worker_connections 1024;
}
http {
map $hostname $destination {
hostnames;
default host1:81;
host1.test.local host1:81;
host2.test.local host2:82;
host3.test.local host3:83;
}
server {
location / {
proxy_pass http://$destination/;
}
}
}
docker-compose.yml:
webproxy:
build: nginx:latest
ports:
- "80:80"
volumes:
- nginx.conf:/etc/nginx/nginx.conf
links:
- "host1:host1"
- "host2:host2"
- "host3:host3"
host1:
image: nginx:latest
ports:
- "81:80"
volumes:
- host1/index.html:/usr/share/nginx/html/index.html
host2:
image: nginx:latest
ports:
- "82:80"
volumes:
- host2/index.html:/usr/share/nginx/html/index.html
host3:
image: nginx:latest
ports:
- "83:80"
volumes:
- host3/index.html:/usr/share/nginx/html/index.html
Error I constantly get:
webproxy_1 | 2015/07/14 16:44:11 [error] 5#0: *1 no resolver defined to resolve host1, client: 10.0.2.2, server: , request: "GET / HTTP/1.1", host: "host2.test.local:8281"
webproxy_1 | 10.0.2.2 - - [14/Jul/2015:16:44:11 +0000] "GET / HTTP/1.1" 502 181 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:39.0) Gecko/20100101 Firefox/39.0"