Nginx Question posted in
The official documentation can be found here.

Exposing service from Kubernetes NGINX Ingress controller always return 502 Bad Gateway

I am having issues with request to my NodeJS app running in my kubernetes cluster in digital ocean. Every request returns a 502 Bad Gateway Error. I am not sure what I am missing.

This is what the service config looks like

apiVersion: v1
kind: Service
metadata:
  name:  service-api
  namespace: default
  labels:
    app:  service-api
spec:
  type: ClusterIP
  ports:
    - name: http
      protocol: TCP
      port: 80
      targetPort: 3000
  selector:
    app:  service-api

The Ingress.yml looks like this

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: service-api-ingress
  annotations:
    kubernetes.io/ingress.class: nginx
    cert-manager.io/cluster-issuer: letsencrypt-prod
    nginx.ingress.kubernetes.io/limit-connections: '2'
    nginx.ingress.kubernetes.io/limit-rpm: '60'
    service.beta.kubernetes.io/do-loadbalancer-protocol: "http"
    service.beta.kubernetes.io/do-loadbalancer-algorithm: "round_robin"
    service.beta.kubernetes.io/do-loadbalancer-http2-ports: "443,80"
    service.beta.kubernetes.io/do-loadbalancer-tls-ports: "443"
    service.beta.kubernetes.io/do-loadbalancer-tls-passthrough: "true"
spec:
  tls:
  - hosts:
    - dev-api.service.com
    secretName: service-api-tls
  rules:
  - host: "dev-api.service.com"
    http:
      paths:
      - pathType: Prefix
        path: "/"
        backend:
          service:
            name: service-api
            port:
              number: 80

Whenever I visit the host url I get a 502 error.

This is what appears in the nginx ingress log

2021/01/13 08:41:34 [error] 319#319: *31338 connect() failed (111: Connection refused) while connecting to upstream, client: IP, server: dev-api.service.com, request: "GET /favicon.ico HTTP/2.0", upstream: "http://10.244.0.112:3000/favicon.ico", host: "dev-api.service.com", referrer: "https://dev-api.service.com/status"
Tags:

3

Answers


  1. 0

    No special setup is needed, that 404 is most likely coming from your actual backend.

    Login or Signup to reply.
  2. 0

    Could it be the annotation that configures SSL passthru?

    If SSL passthru has been configured on your ingress controller then your service needs to expose port 443 in addition to port 80. You’re basically saying the pod is terminating the secure connection not nginx.

    If this is the issue would explain 50X error which indicates a problem with the backend

    Login or Signup to reply.
  3. 0

    As we ( with @Emmanuel Amodu ) have discussed in comment:

    mistake was to connect to app using wrong port, port 4000 instead of 3000 as defined in service-api.

    For community which will have similar problem please – most important steps for debugging:

    1. Checking netstat -plant output table
    2. Checking your Nginx Configuration: $ kubectl exec -it -n <namespace-of-ingress-controller> <nginx-ingress-controller-pod> -- cat /etc/nginx/nginx.conf
    3. Checking service: $ kubectl describe svc service-api
    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search