Handling multiple sub paths via Nginx Ingress

Question

I am struggling to have Ingress controller to properly handle sub paths. My architecture - two services sat on diff paths of one domain. Each service has its own ingress configuration:

apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: ingress1
  annotations:
    kubernetes.io/ingress.class: "nginx"
    nginx.ingress.kubernetes.io/rewrite-target: /
    cert-manager.io/cluster-issuer: "letsencrypt-production-issuer"
    kubernetes.io/ingress.allow-http: "false"    
spec:
  tls:
  - hosts:
    - api.mydomain.com
    secretName: my-secret
  rules:
  - host: api.mydomain.com
    http:
      paths:
      - path: /path1
        backend:
          serviceName: service1
          servicePort: 80

And

apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: ingress2
  annotations:
    kubernetes.io/ingress.class: "nginx"
    cert-manager.io/cluster-issuer: "letsencrypt-production-issuer"
    kubernetes.io/ingress.allow-http: "false"
    nginx.ingress.kubernetes.io/rewrite-target: /
spec:
  tls:
  - hosts:
    - api.mydomain.com
    secretName: my-secret
  rules:
  - host: api.mydomain.com
    http:
      paths:
      - path: /path2
        backend:
          serviceName: service2
          servicePort: 80

With the above configuration, 1st ingress works and i am able to reach my endpoints at api.mydomain.com/path1, in the same time api.mydomain.com/path2 returns http 400. What am i doing wrong?

Answer 1

So the actual problem was a bit different to ingress not being able to find an endpoint. My backend services are secure gRPC services and therefore expect to be called via https or grpcs. So setting an ingress to be running against secure backends solved the problem:

nginx.ingress.kubernetes.io/secure-backends: "true"

For a newer versions of k8s you should use different attributes.