Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Probing wrong protocol & port #773

Open
joke opened this issue Oct 7, 2024 · 0 comments
Open

Probing wrong protocol & port #773

joke opened this issue Oct 7, 2024 · 0 comments

Comments

@joke
Copy link

joke commented Oct 7, 2024
edited
Loading

Hi,

I've got a working gateway with a listener on port 443 (https) and a matching knative configuration.
I did not specify the service on purpose so the gateway status address should be used.

  external-gateways: |
    - class: istio
      gateway: istio-ingress/public
      supported-features:
      - HTTPRouteRequestTimeout
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
  name: public
  namespace: istio-ingress
spec:
  gatewayClassName: istio
  listeners:
  - name: https
    port: 443
    protocol: HTTPS
    allowedRoutes:
      namespaces:
        from: All
    tls:
      mode: Terminate
      certificateRefs:
      - name: nlb-ingress-cert
  addresses:
  - value: public.istio-ingress.svc.cluster.local
    type: Hostname
status:
  addresses:
    - type: Hostname
      value: k8s-istioing-public-47f7af8222-33cca740264846c1.elb.eu-central-1.amazonaws.com

If I create a knative service the controller tries to probe with the correct external url but as http with port 80.

severity: ERROR
timestamp: '2024-10-07T15:48:22.538456762Z'
logger: net-gateway-api-controller
caller: 'status/status.go:462'
message: >-
  Probing of http://echo-pub--joke.cps-cloud-dev.eventim.com/ failed, IP:
  k8s-istioing-public-47f7af8222-33cca740264846c1.elb.eu-central-1.amazonaws.com:80,
  ready: false, error: error roundtripping
  http://echo-pub--joke.cps-cloud-dev.eventim.com/: context deadline exceeded
  (depth: 0)
commit: b4f1050-dirty
knative.dev/controller: knative.dev.net-gateway-api.pkg.reconciler.ingress.Reconciler
knative.dev/kind: networking.internal.knative.dev.Ingress
knative.dev/traceid: 33da7790-3c6f-4598-9ba3-ccf0902b9428
knative.dev/key: joke/echo-pub
stacktrace: "knative.dev/net-gateway-api/pkg/status.(*Prober).processWorkItem\n\tknative.dev/net-gateway-api/pkg/status/status.go:462\nknative.dev/net-gateway-api/pkg/status.(*Prober).Start.func1\n\tknative.dev/net-gateway-api/pkg/status/status.go:341"

If I specify a service in the configuration

  external-gateways: |
    - class: istio
      gateway: istio-ingress/public
      service: istio-ingress/public
      supported-features:
      - HTTPRouteRequestTimeout

Then the controller tries to probe service pod and switches to port 443 but it still seems to use the http protocol

severity: INFO
timestamp: '2024-10-07T16:02:25.240270755Z'
logger: net-gateway-api-controller
caller: 'status/status.go:416'
message: >-
  Processing probe for http://echo-pub--joke.cps-cloud-dev.eventim.com/, IP:
  100.64.131.97:443 (depth: 0)
commit: b4f1050-dirty
knative.dev/controller: knative.dev.net-gateway-api.pkg.reconciler.ingress.Reconciler
knative.dev/kind: networking.internal.knative.dev.Ingress
knative.dev/traceid: a5d3e48b-6e82-45ab-a4b0-6c6fb0b45144
knative.dev/key: joke/echo-pub
@joke joke changed the title [istio] Probing wrong protocol & port Probing wrong protocol & port Oct 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@joke