CODEWITHSUNDEEP
google-kubernetes-enginekubernetes-ingresscontourknativeknative-serving
i-haidar
i-haidar

Reputation: 53

Using Ingress with Knative service and Contour

I'm running Knative with Contour for a POC. At the moment, we are using K8s Ingresses (nginx ingress controller) to route traffic to our services.

I was wanting to test out how it would work if I use an Ingress to route traffic to a helloworld Knative service for testing.

My Ingress:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: knative-hello-ingress
  annotations:
    external-dns.alpha.kubernetes.io/hostname: "hello-world.my-domain.com"
spec:
  ingressClassName: "generic-class"
  rules:
  - host: "hello-world.my-domain.com"
    http:
      paths:
      - pathType: Prefix
        path: "/"
        backend:
          service:
            name: hello <-- The svc associated with my Knative service/route
            port:
              number: 80

K8s services:

hello                        ClusterIP   None            <none>        80/TCP                                               5d6h
hello-00001                  ClusterIP   <redacted>      <none>        80/TCP,443/TCP                                       5d6h
hello-00001-private          ClusterIP   <redacted>      <none>        80/TCP,443/TCP,9090/TCP,9091/TCP,8022/TCP,8012/TCP   5d6h
hello-00002                  ClusterIP   <redacted>      <none>        80/TCP,443/TCP                                       5d6h
hello-00002-private          ClusterIP   <redacted>      <none>        80/TCP,443/TCP,9090/TCP,9091/TCP,8022/TCP,8012/TCP   5d6h

My issue is the following. Requests made to hello-world.my-domain.com are routed to the Knative service, and to the envoy in the contour-internal namespace. From there, envoy returns the following error.

[<timestamp>] "GET / HTTP/1.1" 404 NR 0 0 0 - "<IP redacted>" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "<redacted>" "hello-world.my-domain.com" "-"

It seems that the envoy on contour side is attempting to find my domain in its configuration, instead of the request directly reaching my service. I don't quite understand how the networking works with Contour. I'd like to be able to use only K8s Ingress to route the traffic to my Knative services. I cannot find clarity within the documentation.

The Ingress works if I route traffic to hello-00001 or hello-00002 services.

Upvotes: 0

Views: 367

Answers (1)

i-haidar
i-haidar

Reputation: 53

Issue was Nginx ingress controller rewriting host.

added the following annotation and resolved the issue:

 nginx.ingress.kubernetes.io/upstream-vhost: "hello.knative.svc.cluster.local"

Upvotes: 0

Related Questions