nginx-ingress-controller not considering the upstream service in EKS - kubernetes-ingress

I am trying to setup an ingress-controller to a EKS cluster. I followed the nginx guide to deploy the nginx controller.
https://docs.nginx.com/nginx-ingress-controller/installation/installation-with-manifests/
But the nginx ingress configuration file is not considering the "service ips" in the "upstream".
enter image description here
Any help!
Thanks in advance

After 2 days of debugging, I found the issue.
The "nginx-ingress" is unable to identify the "upstream service". Because the endpoint service is unable to locate the "App" due to "app" label was wrong.
It looks a silly manual mistake, but the debugging is not straight forward.
If anyone has similar issue, please try to debug with reference of below points:-
execute the "nginx-ingress" with logs enabled (v3)
Find the list of endpoints in the cluster.
If your upstream, showing a valid point then look the "nginx-ingress.conf"
If not, address the service endpoint issue first.

Related

Route to application stopped working in OpenShift 4.6

I have an application running in Openshift 4.6.
The pod is running, I can exec into it and check this, I can port-forward to it and access it.
when trying to access the application, I get the error message:
Application is not available The application is currently not serving
requests at this endpoint. It may not have been started or is still
starting.
Possible reasons you are seeing this page:
The host doesn't exist. Make sure the hostname was typed correctly and
that a route matching this hostname exists.
The host exists, but doesn't have a matching path. Check if the URL
path was typed correctly and that the route was created using the
desired path.
Route and path matches, but all pods are down. Make sure that the
resources exposed by this route (pods, services, deployment configs,
etc) have at least one pod running.
There could be multiple reasons for this. You don't really provide enough debugging details to get to the next steps. But I generally find it helps to work backwards through the request.
Can you access the pod via port-forward? You say you've already tested this, but I include it for completeness. But I also mention it to make sure that you are verifying that you are serving the protocol you expect. If you have HTTPS passthrough on the route, but you are serving HTTP from your pod, there will obviously be a problem.
Can you access the pod providing your service from outside the pod (but within the cluster)? e.g. create a debug pod and see if you can connect to your service with curl some other client. If this doesn't work, you may not be exposing the ports of your pod correctly. Check the pod definitions.
Can you access the service from outside the pod (but within the cluster)? e.g. from your debug pod, use the service directly. If this doesn't work, you may have the selector on your service wrong. Or some other problem with your service. Check the service definition.
Can you access the route from inside the cluster? e.g. from your debug pod, try to use the full route URL. If this doesn't work, you've narrowed it down to the route definition. Again, HTTPS vs HTTP can sometimes be a mistake here such as having HTTPS passthrough when your service doesn't support HTTPS. Check the route definition.
Finally, try accessing the route eternally. Which is sounds like you have already tried. But if you've narrowed it down such that your route works internally you've determined that the problem is something in the external network. It doesn't sound like this is your problem, but it's something to keep in mind.

Connect to MySQL database by using route exposed on openshift

I have just exposed my database on openshift and it gives me an 'https://....' url
Does anybody know how to connect using DBeaver by using this url that openshift gave to me.
The error that dbeaver says to me is the following
Malformed database URL, failed to parse the main URL sections.
Short answer: You can't with aRoute
Route can only expose http/https traffic
If you want to expose tcp traffic (like for a database), do not create aRouteand change yourServicetype to "NodePort"`
Check my previous answer for this kind of problem (exposing MQ in this case): How to connect to IBM MQ deployed to OpenShift?
OpenShift doc on NodePorts: https://docs.openshift.com/container-platform/4.7/networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-nodeport.html
There's another way to do this.
If your Route is set to "passthrough" it will just look at the SNI headers to determine where to route the traffic but won't unwrap it (and expect http inside) which will let it pass other traffic through to a pod.
I use this mechanism to run a ZNC bouncer (irc traffic) behind SNI.
The downside is you need to provide your own TLS cert inside the pod instead of leveraging the general one available to *.apps.(cluster).com
As for the specific error, "Malformed database URL", I've not used this software but from a quick websearch it looks like you want to rewrite the https://(appname).(clustername).com into a jdbc:.../hostname... string, and then enable TLS in settings.
I found this page that talks about setting it up, so it might be helpful if you've not around found it -- https://github.com/dbeaver/dbeaver/issues/9573

Openshift 3.11 + 503 response

I have setup my web application and I saw my POD was successfully deployed, I have created HTTPS and HTTP route of the service. But when I hit the API, it gives sometime success or sometime 503 status code.
I do not see any issue in the POD and also I have setup health check.
Could anyone help me to resolve this issue.
POD Image :- jboss-webserver31-tomcat8-openshift:1.2
FYI- Right now I am using free version of the OpenShift.
Thanks,
Shailendra Soni

Odoo on Google compute engine - refused to connect

I am fairly new to both google compute engine and Odoo. I have recently started a google compute engine with Ubuntu-16 installed. I have successfully followed instructions on Odoo website to install and start Odoo server. When I try to access my Odoo instance from another computer by going to
IP-address-of-server:8069
I find
ERR_CONNECTION_REFUSED
Following are the firewall rules for the instance. Please guide me on how to solve this problem. Please feel free to ask for any additional information.
You have multiple things to make sure what exactly is your problem. Check whether odoo service is working by entering systemctl status odoo-server
This should show whether your service is started (and enabled) or not. Check this then reply back.
Also, while accessing your odoo server, use http request instead of https.
Try if you can connect from the VM itself to Odoo. Log in to your VM with ssh and then use curl localhost:8069 or wget localhost:8069. If that's successful, it's a firewall issue.
If it is a firewall problem, add a rule similar to the default-allow-http, but for the port you need. Then add the tag of your rule to your VM instance. You can do this in Cloud console.

fabric8 kubernetes client exception

I am using the fabric8 library to create replication controllers on the kubernetes cluster. When I create areplication controller with the name rc-UUID.toString();
It errors aout with the following message
ReplicationController is forbidden. What does this indicate?
I don't think that the problem is the name.
Names like: rc-fa75ddfd-bea7-45b5-8d2f-ed806652b461 are valid.
Usually the message forbidden appears in one of the following cases:
i) http status code 401
ii) https status code 404
Error (i) appears when you are connecting to a remote Kubernetes Environment and can be solved by login in. Try kubectl login or oc login.
Error (ii) appears when the client is instantiated from within Kubernetes and the service account hasn't been properly configured.
Either way, I'd strongly encourage you to upgrade to a more recent version of the cabernets client, which has more meaningful error messages.
If none of my suggestion solves your issue, please attach the full output.
Cheers