Skip to content

[BUG] Application Gateway for Containers httproute wildcard hostname not working #4713

New issue
Jump to bottom
New issue
Jump to bottom
Open
Open
[BUG] Application Gateway for Containers httproute wildcard hostname not working#4713
Assignees
JackStromberg
Labels
AGCApplication Gateway for Containersbug
@jack1902

Description

@jack1902
jack1902
opened on Dec 17, 2024

Describe the bug
When using Application Gateway for Containers with a httproute referencing a gateway, a hostname value such as *.contoso.com doesn't work. This renders functionality within my app entirely useless, as i would be required to add entries to hostnames for each expected prefix.

According to the documentation around the Gateway API wildcards are possible

To Reproduce
Steps to reproduce the behavior:

  1. Provision an Application Gateway for containers resource and wire in a gateway with a listener
  2. Deploy a httproute pointing to your application which defines hostnames
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
  name: http-route
spec:
  hostnames:
  # This wildcard will not function
  - '*.contoso.com'
  # Below examples would work, but i wanted to use the wildcard as per the gateway API specifications
  # - "customerA.contoso.com"
  # - "customerB.contoso.com"
  parentRefs:
  - group: gateway.networking.k8s.io
    kind: Gateway
    name: gateway
    namespace: kube-system
  rules:
  - backendRefs:
    - group: ""
      kind: Service
      name: <yourservice>
      port:
  1. Attempt to call the system
fqdn=$(kubectl get gateway gateway -n kube-system -o jsonpath='{.status.addresses[0].value}')
# This assumes you actually have a service running
curl --header 'Host: customerA.contoso.com' --insecure https://$fqdn

Expected behavior
I expected *.contoso.com to function but it doesn't. Using specific entries does work, but that will not scale, and goes against the Gateway API specifications

Environment (please complete the following information):

  • CLI Version: 1.32
  • Kubernetes version: v1.30.6

Additional context
I'm aiming to use the application gateway for containers to fully replace ingress, as it makes moving between clouds and on-premise sigificantly easier. This is purely for static assets which i will be looking to port to something else, but currently running inside a container. Whilst i can get around this issue, would be good to flag for others.

In addition to this, i will check the feature request for the Application Gateway for Containers Application Firewall feature (i have seen it was mentioned a while back on various forums but it feels like AppGW for Containers is not used heavily?)

Activity

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Assignees

Labels

AGCApplication Gateway for Containersbug

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions