I have created a docker image ( java web application ), created a kubernetes cluster with 1 master and 1 worker, created a deployment and a service. All the resources seem to run fine as I have checked by ‘kubectl describe resource resourcename’. At last, I used Ingress in order to expose the services outside the cluster. The ingress resource seems to work fine as there are no errors while describing the ingress object. However, on accessing the host on a browser from another machine , I get "Your connection is not private" error. I am pretty new to Kubernetes and I am unable to debug the cause of this.
Below are service/deployment yaml files, ingress file contents and the status of resources.
Service and Deployment YAML:
kind: Service
apiVersion: v1
metadata:
name: hotelapplication
labels:
name: hotelapplication
spec:
ports:
- name: appport
port: 8080
targetPort: 8080
selector:
app: hotelapplication
type: ClusterIP
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: hotelapplication
spec:
selector:
matchLabels:
app: hotelapplication
replicas: 1
template:
metadata:
labels:
app: hotelapplication
spec:
containers:
- name: hotelapplication
image: myname/hotelapplication:2.0
imagePullPolicy: Always
ports:
- containerPort: 8080
env: # Setting Enviornmental Variables
- name: DB_HOST # Setting Database host address from configMap
valueFrom:
configMapKeyRef:
name: db-config # name of configMap
key: host
- name: DB_NAME # Setting Database name from configMap
valueFrom:
configMapKeyRef:
name: db-config
key: name
- name: DB_USERNAME # Setting Database username from Secret
valueFrom:
secretKeyRef:
name: db-user # Secret Name
key: username
- name: DB_PASSWORD # Setting Database password from Secret
valueFrom:
secretKeyRef:
name: db-user
key: password
Below is the ingress yaml:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: springboot-ingress
annotations:
ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- host: testing.mydomain.dev
http:
paths:
- backend:
serviceName: hotelapplication
servicePort: 8080
All the resources – pods, deployments, services, endpoints seem to work fine.
Ingress:
Name: springboot-ingress
Namespace: default
Address:
Default backend: default-http-backend:80 (<error: endpoints "default-http-backend" not found>)
Rules:
Host Path Backends
---- ---- --------
testing.mydomain.dev
hotelapplication:8080 (192.168.254.51:8080)
Annotations: ingress.kubernetes.io/rewrite-target: /
Events: <none>
Services:
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
hotelapplication ClusterIP 10.109.220.90 <none> 8080/TCP 37m
Deployments:
NAME READY UP-TO-DATE AVAILABLE AGE
hotelapplication 1/1 1 1 5h55m
mysql-hotelapplication 1/1 1 1 22h
nfs-client-provisioner 1/1 1 1 23h
Pods object:
NAME READY STATUS RESTARTS AGE
hotelapplication-596f65488f-cnhlc 1/1 Running 0 149m
mysql-hotelapplication-65587cb8c8-crx4v 1/1 Running 0 22h
nfs-client-provisioner-64f4fb59d8-cb6hd 1/1 Running 0 23h
I have deleted services/deployments/pods and retried, all in vain. Please help me to fix this.
Edit 1:
I have added nginx.ingress.kubernetes.io/ssl-redirect: "false" to the ingress service definition. But, I am facing the same issue. On accessing the public IP of the host, I am facing 502 Bad Gateway error.
On the logs of ingress, I found below error:
P/1.1", upstream: "http://192.168.254.56:8081/", host: "myip"
2021/05/06 06:01:33 [error] 115#115: *272 connect() failed (111: Connection refused) while connecting to upstream, client: <clientipaddress>, server: _, request: "GET / HTTP/1.1", upstream: "http://192.168.254.56:8081/", host: "<myhostipaddress>"
2021/05/06 06:01:33 [error] 115#115: *272 connect() failed (111: Connection refused) while connecting to upstream, client: <clientipaddress>, server: _, request: "GET / HTTP/1.1", upstream: "http://192.168.254.56:8081/", host: "<myhostipaddress>"
2021/05/06 06:01:34 [error] 115#115: *272 connect() failed (111: Connection refused) while connecting to upstream, client: <clientipaddress>, server: _, request: "GET /favicon.ico HTTP/1.1", upstream: "http://192.168.254.56:8081/favicon.ico", host: "<myhostipaddress>", referrer: "http://<myhostipaddress>/"
2021/05/06 06:01:34 [error] 115#115: *272 connect() failed (111: Connection refused) while connecting to upstream, client: <clientipaddress>, server: _, request: "GET /favicon.ico HTTP/1.1", upstream: "http://192.168.254.56:8081/favicon.ico", host: "<myhostipaddress>", referrer: "http://<myhostipaddress>/"
2021/05/06 06:01:34 [error] 115#115: *272 connect() failed (111: Connection refused) while connecting to upstream, client: <clientipaddress>, server: _, request: "GET /favicon.ico HTTP/1.1", upstream: "http://192.168.254.56:8081/favicon.ico", host: "<myhostipaddress>", referrer: "http://<myhostipaddress>/"
2021/05/06 06:01:35 [error] 115#115: *272 connect() failed (111: Connection refused) while connecting to upstream, client: <clientipaddress>, server: _, request: "GET / HTTP/1.1", upstream: "http://192.168.254.56:8081/", host: "<myhostipaddress>"
2021/05/06 06:01:35 [error] 115#115: *272 connect() failed (111: Connection refused) while connecting to upstream, client: <clientipaddress>, server: _, request: "GET / HTTP/1.1", upstream: "http://192.168.254.56:8081/", host: "<myhostipaddress>"
2021/05/06 06:01:35 [error] 115#115: *272 connect() failed (111: Connection refused) while connecting to upstream, client: <clientipaddress>, server: _, request: "GET / HTTP/1.1", upstream: "http://192.168.254.56:8081/", host: "<myhostipaddress>"
2021/05/06 06:01:36 [error] 115#115: *272 connect() failed (111: Connection refused) while connecting to upstream, client: <clientipaddress>, server: _, request: "GET /favicon.ico HTTP/1.1", upstream: "http://192.168.254.56:8081/favicon.ico", host: "<myhostipaddress>", referrer: "http://<myhostipaddress>/"
2021/05/06 06:01:36 [error] 115#115: *272 connect() failed (111: Connection refused) while connecting to upstream, client: <clientipaddress>, server: _, request: "GET /favicon.ico HTTP/1.1", upstream: "http://192.168.254.56:8081/favicon.ico", host: "<myhostipaddress>", referrer: "http://<myhostipaddress>/"
2021/05/06 06:01:36 [error] 115#115: *272 connect() failed (111: Connection refused) while connecting to upstream, client: <clientipaddress>, server: _, request: "GET /favicon.ico HTTP/1.1", upstream: "http://192.168.254.56:8081/favicon.ico", host: "<myhostipaddress>", referrer: "http://<myhostipaddress>/"
W0506 06:06:46.328727 6 controller.go:391] Service "ingress-nginx/default-http-backend" does not have any active Endpoint
W0506 06:09:06.921564 6 controller.go:391] Service "ingress-nginx/default-http-backend" does not have any active Endpoint
2
Answers
Apparently, I had configured the incorrect containerPort in the deployment. There is nothing wrong with ingress configuration. But, kubernetes did not actually show any errors in logs which made debugging pretty difficult.
Just a tip for beginners, before trying to expose your services, test the service by configuring the 'type' in service definition as 'NodePort'. This way we can ensure the service is configured correctly, just by accessing the service easily outside the cluster.
you got the error due to "Your connection is not private" due to your ingress don’t have the SSL/TLS certificate and you tried maybe accessing the domain name over HTTPS.
if you are opening URL in the browser
testing.mydomain.dev
and it’s showing error means Ingres not using the HTTPS but the browser may be trying over HTTPS.you can add the annotation like
ingress.kubernetes.io/ingress.allow-http: "false"
an trytry accessing the data on
HTTP://
in incognito