You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It attempted to use an IPv6 address on a host that doesn't support it (GCE). If the host does not support it, the buildResolvers func should set it to off I believe.
It attempted to use an IPv6 address on a host that doesn't support it (GCE). If the host does not support it, the buildResolvers func should set it to off I believe.
The ingress controller doesn't know where it's running. There's no difference between cloud providers, baremetal or minikube. That said we can add an option to disable IPV6 from the dns resolver http://nginx.org/en/docs/http/ngx_http_core_module.html#resolver
I'm gonna try to take a crack at this. To clarify, you are suggesting adding a CLI option to the nginx-ingress-controller, say, enableDNSResolverIPv6 / --enable-dns-resolver-ipv6?
Kubernetes version (use
kubectl version
):1.9.1-gke.0
Ingress nginx version
quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.10.1
Environment:
GKE
Container-Optimized OS from Google
What happened:
I am trying to setup external authentication with oauth2_proxy. I configured the ingress with the following annotations:
When I got to https://hello.levenlabs.com, it 403's with these logs:
It attempted to use an IPv6 address on a host that doesn't support it (GCE). If the host does not support it, the buildResolvers func should set it to off I believe.
What you expected to happen:
I expected nginx to successfully connect to https://hello.levenlabs.com/oauth2/auth for external authentication
How to reproduce it (as minimally and precisely as possible):
Setup an nginx ingress with the following annotations:
Where DOMAIN is a domain that resolves to an IPv4 and IPv6 address.
The text was updated successfully, but these errors were encountered: