CODEWITHSUNDEEP
nginxkuberneteskubernetes-ingressnginx-ingress
Shammir
Shammir

Reputation: 989

Can't understand nginx.ingress.kubernetes.io/app-root: "/identity" with multiple services under it

I have an ingress definition like this

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: {{ $fullName }}-stateful
  labels: 
    app: oxauth
  annotations:
    kubernetes.io/ingress.class: "nginx"
    nginx.org/ssl-services: "oxtrust"
    nginx.ingress.kubernetes.io/app-root: "/identity"    <------------------- CONFUSING
    nginx.ingress.kubernetes.io/affinity: "cookie"
spec:
{{- if .Values.ingress.tls }}
  tls:
  {{- range .Values.ingress.tls }}
    - hosts:
      {{- range .hosts }}
        - {{ . | quote }}
      {{- end }}
      secretName: {{ .secretName }}
  {{- end }}
{{- end }}
  rules:
  {{- range .Values.ingress.hosts }}
    - host: {{ . | quote }}
      http:
        paths:
          - path: /identity
            backend:
              serviceName: oxtrust
              servicePort: 8080
          - path: /idp
            backend:
              serviceName: oxshibboleth
              servicePort: 8080
          - path: /passport
            backend:
              serviceName: oxpassport
              servicePort: 8090

I know nginx.ingress.kubernetes.io/app-root is supposed to redirect requests coming from / to the one define there. My question is since now we have multiple services defined under that ingress object what will happen?? I am very confused here. Putting in mind there is another ingress defined as shown.

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: {{ $fullName }}-base
  labels:
    app: oxtrust
  annotations:
    kubernetes.io/ingress.class: "nginx"
    nginx.ingress.kubernetes.io/app-root: "/identity"
    nginx.ingress.kubernetes.io/affinity: "cookie"
    nginx.ingress.kubernetes.io/session-cookie-name: "route"
    nginx.ingress.kubernetes.io/session-cookie-hash: "sha1"

spec:
{{- if .Values.ingress.tls }}
  tls:
  {{- range .Values.ingress.tls }}
    - hosts:
      {{- range .hosts }}
        - {{ . | quote }}
      {{- end }}
      secretName: {{ .secretName }}
  {{- end }}
{{- end }}
  rules:
  {{- range .Values.ingress.hosts }}
    - host: {{ . | quote }}
      http:
        paths:
          - path: /
            backend:
              serviceName: oxtrust
              servicePort: 8080
  {{- end }}

Much appreciated.

Upvotes: 0

Views: 511

Answers (1)

Shammir
Shammir

Reputation: 989

Any request coming through the specified routes in that ingress definition should be rewritten or directed to /identity

Upvotes: 1

Related Questions