skip to Main Content

I have created a docker image ( java web application ), created a kubernetes cluster with 1 master and 1 worker, created a deployment and a service. All the resources seem to run fine as I have checked by ‘kubectl describe resource resourcename’. At last, I used Ingress in order to expose the services outside the cluster. The ingress resource seems to work fine as there are no errors while describing the ingress object. However, on accessing the host on a browser from another machine , I get "Your connection is not private" error. I am pretty new to Kubernetes and I am unable to debug the cause of this.

Below are service/deployment yaml files, ingress file contents and the status of resources.

Service and Deployment YAML:

kind: Service
apiVersion: v1
metadata:
  name: hotelapplication
  labels:
    name: hotelapplication
spec:
  ports:
    - name: appport
      port: 8080
      targetPort: 8080
  selector:
    app: hotelapplication
  type: ClusterIP
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: hotelapplication
spec:
  selector:
    matchLabels:
      app: hotelapplication
  replicas: 1
  template:
    metadata:
      labels:
        app: hotelapplication
    spec:
      containers:
        - name: hotelapplication
          image: myname/hotelapplication:2.0
          imagePullPolicy: Always
          ports:
            - containerPort: 8080
          env:   # Setting Enviornmental Variables
            - name: DB_HOST   # Setting Database host address from configMap
              valueFrom:
                configMapKeyRef:
                  name: db-config  # name of configMap
                  key: host
            - name: DB_NAME  # Setting Database name from configMap
              valueFrom:
                configMapKeyRef:
                  name: db-config
                  key: name
            - name: DB_USERNAME  # Setting Database username from Secret
              valueFrom:
                secretKeyRef:
                  name: db-user # Secret Name
                  key: username
            - name: DB_PASSWORD # Setting Database password from Secret
              valueFrom:
                secretKeyRef:
                  name: db-user
                  key: password

Below is the ingress yaml:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: springboot-ingress
  annotations:
   ingress.kubernetes.io/rewrite-target: /
spec:
  rules:
  - host: testing.mydomain.dev
    http:
     paths:
     - backend:
        serviceName: hotelapplication
        servicePort: 8080

All the resources – pods, deployments, services, endpoints seem to work fine.

Ingress:

Name:             springboot-ingress
Namespace:        default
Address:
Default backend:  default-http-backend:80 (<error: endpoints "default-http-backend" not found>)
Rules:
  Host                          Path  Backends
  ----                          ----  --------
  testing.mydomain.dev
                                   hotelapplication:8080 (192.168.254.51:8080)
Annotations:                    ingress.kubernetes.io/rewrite-target: /
Events:                         <none>

Services:

NAME                      TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE
hotelapplication         ClusterIP   10.109.220.90   <none>        8080/TCP   37m

Deployments:

NAME                             READY   UP-TO-DATE   AVAILABLE   AGE
hotelapplication                  1/1     1            1           5h55m
mysql-hotelapplication            1/1     1            1           22h
nfs-client-provisioner            1/1     1            1           23h

Pods object:

NAME                                              READY   STATUS    RESTARTS    AGE
hotelapplication-596f65488f-cnhlc                  1/1     Running   0          149m
mysql-hotelapplication-65587cb8c8-crx4v            1/1     Running   0          22h
nfs-client-provisioner-64f4fb59d8-cb6hd            1/1     Running   0          23h

I have deleted services/deployments/pods and retried, all in vain. Please help me to fix this.

Edit 1:

I have added nginx.ingress.kubernetes.io/ssl-redirect: "false" to the ingress service definition. But, I am facing the same issue. On accessing the public IP of the host, I am facing 502 Bad Gateway error.

On the logs of ingress, I found below error:

P/1.1", upstream: "http://192.168.254.56:8081/", host: "myip"
2021/05/06 06:01:33 [error] 115#115: *272 connect() failed (111: Connection refused) while connecting to upstream, client: <clientipaddress>, server: _, request: "GET / HTTP/1.1", upstream: "http://192.168.254.56:8081/", host: "<myhostipaddress>"
2021/05/06 06:01:33 [error] 115#115: *272 connect() failed (111: Connection refused) while connecting to upstream, client: <clientipaddress>, server: _, request: "GET / HTTP/1.1", upstream: "http://192.168.254.56:8081/", host: "<myhostipaddress>"
2021/05/06 06:01:34 [error] 115#115: *272 connect() failed (111: Connection refused) while connecting to upstream, client: <clientipaddress>, server: _, request: "GET /favicon.ico HTTP/1.1", upstream: "http://192.168.254.56:8081/favicon.ico", host: "<myhostipaddress>", referrer: "http://<myhostipaddress>/"
2021/05/06 06:01:34 [error] 115#115: *272 connect() failed (111: Connection refused) while connecting to upstream, client: <clientipaddress>, server: _, request: "GET /favicon.ico HTTP/1.1", upstream: "http://192.168.254.56:8081/favicon.ico", host: "<myhostipaddress>", referrer: "http://<myhostipaddress>/"
2021/05/06 06:01:34 [error] 115#115: *272 connect() failed (111: Connection refused) while connecting to upstream, client: <clientipaddress>, server: _, request: "GET /favicon.ico HTTP/1.1", upstream: "http://192.168.254.56:8081/favicon.ico", host: "<myhostipaddress>", referrer: "http://<myhostipaddress>/"
2021/05/06 06:01:35 [error] 115#115: *272 connect() failed (111: Connection refused) while connecting to upstream, client: <clientipaddress>, server: _, request: "GET / HTTP/1.1", upstream: "http://192.168.254.56:8081/", host: "<myhostipaddress>"
2021/05/06 06:01:35 [error] 115#115: *272 connect() failed (111: Connection refused) while connecting to upstream, client: <clientipaddress>, server: _, request: "GET / HTTP/1.1", upstream: "http://192.168.254.56:8081/", host: "<myhostipaddress>"
2021/05/06 06:01:35 [error] 115#115: *272 connect() failed (111: Connection refused) while connecting to upstream, client: <clientipaddress>, server: _, request: "GET / HTTP/1.1", upstream: "http://192.168.254.56:8081/", host: "<myhostipaddress>"
2021/05/06 06:01:36 [error] 115#115: *272 connect() failed (111: Connection refused) while connecting to upstream, client: <clientipaddress>, server: _, request: "GET /favicon.ico HTTP/1.1", upstream: "http://192.168.254.56:8081/favicon.ico", host: "<myhostipaddress>", referrer: "http://<myhostipaddress>/"
2021/05/06 06:01:36 [error] 115#115: *272 connect() failed (111: Connection refused) while connecting to upstream, client: <clientipaddress>, server: _, request: "GET /favicon.ico HTTP/1.1", upstream: "http://192.168.254.56:8081/favicon.ico", host: "<myhostipaddress>", referrer: "http://<myhostipaddress>/"
2021/05/06 06:01:36 [error] 115#115: *272 connect() failed (111: Connection refused) while connecting to upstream, client: <clientipaddress>, server: _, request: "GET /favicon.ico HTTP/1.1", upstream: "http://192.168.254.56:8081/favicon.ico", host: "<myhostipaddress>", referrer: "http://<myhostipaddress>/"
W0506 06:06:46.328727       6 controller.go:391] Service "ingress-nginx/default-http-backend" does not have any active Endpoint
W0506 06:09:06.921564       6 controller.go:391] Service "ingress-nginx/default-http-backend" does not have any active Endpoint

2

Answers


  1. Chosen as BEST ANSWER

    Apparently, I had configured the incorrect containerPort in the deployment. There is nothing wrong with ingress configuration. But, kubernetes did not actually show any errors in logs which made debugging pretty difficult.

    Just a tip for beginners, before trying to expose your services, test the service by configuring the 'type' in service definition as 'NodePort'. This way we can ensure the service is configured correctly, just by accessing the service easily outside the cluster.


  2. you got the error due to "Your connection is not private" due to your ingress don’t have the SSL/TLS certificate and you tried maybe accessing the domain name over HTTPS.

    apiVersion: extensions/v1beta1
    kind: Ingress
    metadata:
      name: springboot-ingress
      annotations:
       ingress.kubernetes.io/rewrite-target: /
    spec:
      rules:
      - host: testing.mydomain.dev
        http:
         paths:
         - backend:
            serviceName: hotelapplication
            servicePort: 8080
    

    if you are opening URL in the browser testing.mydomain.dev and it’s showing error means Ingres not using the HTTPS but the browser may be trying over HTTPS.

    you can add the annotation like ingress.kubernetes.io/ingress.allow-http: "false" an try

    apiVersion: extensions/v1beta1
        kind: Ingress
        metadata:
          name: springboot-ingress
          annotations:
           ingress.kubernetes.io/rewrite-target: /
           ingress.kubernetes.io/ingress.allow-http: "false"
        spec:
          rules:
          - host: testing.mydomain.dev
            http:
             paths:
             - backend:
                serviceName: hotelapplication
                servicePort: 8080
    

    try accessing the data on HTTP:// in incognito

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search