yexinru/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
Files
71d5c814e7cd147ecf1616dcdb847abdd12996f9
doc-exports/docs/cce/umn/cce_10_0508.html
qiujiandong1 71d5c814e7 CCE UMN 20250311 version 
Reviewed-by: Eotvos, Oliver <oliver.eotvos@t-systems.com>
Co-authored-by: qiujiandong1 <qiujiandong1@huawei.com>
Co-committed-by: qiujiandong1 <qiujiandong1@huawei.com>
2025-06-16 14:58:53 +00:00

76 lines
9.4 KiB
HTML
Raw Blame History

<a name="cce_10_0508"></a><a name="cce_10_0508"></a>
<h1 class="topictitle1">NGINX Ingress Controller</h1>
<div id="body0000001710199777"><div class="section" id="cce_10_0508__section76841181396"><h4 class="sectiontitle">Check Items</h4><ul id="cce_10_0508__ul163819465252"><li id="cce_10_0508__li12381746142517">Check item 1: Check whether there is an Nginx Ingress route whose ingress type is not specified (<strong id="cce_10_0508__b184899485261">kubernetes.io/ingress.class: nginx</strong> is not added to <strong id="cce_10_0508__b84891748172611">annotations</strong>) in the cluster.</li><li id="cce_10_0508__li132081848162519">Check item 2: Check whether the DefaultBackend Service specified by the NGINX Ingress Controller backend is available.</li></ul>
</div>
<div class="section" id="cce_10_0508__section18775201773016"><a name="cce_10_0508__section18775201773016"></a><a name="section18775201773016"></a><h4 class="sectiontitle">Fault Locating</h4><p id="cce_10_0508__p1404152415276"><strong id="cce_10_0508__b196250221531">For Check Item 1</strong></p>
<p id="cce_10_0508__en-us_topic_0000001659189684_p149811003016">For Nginx Ingress, check the YAML. If the ingress type is not specified in the YAML file and the ingress is managed by the NGINX Ingress Controller, the ingress is at risk. </p>
<ol id="cce_10_0508__en-us_topic_0000001659189684_ol11526201531211"><li id="cce_10_0508__cce_faq_00430_li177352415163"><span>Check the ingress type.</span><p><div class="p" id="cce_10_0508__cce_faq_00430_p175448512165">Run the following command:<pre class="screen" id="cce_10_0508__cce_faq_00430_screen8197154313243">kubectl get ingress &lt;ingress-name&gt; -oyaml | grep -E ' kubernetes.io/ingress.class: | ingressClassName:' -B 1</pre>
<ul id="cce_10_0508__cce_faq_00430_ul3905353102420"><li id="cce_10_0508__cce_faq_00430_li1872018417254">Fault scenario: If the command output is empty, the ingress type is not specified.</li><li id="cce_10_0508__cce_faq_00430_li11773102015174">Normal scenario: The command output is not empty, indicating that the ingress type has been specified by <strong id="cce_10_0508__cce_faq_00430_b14573103412297">annotations</strong> or <strong id="cce_10_0508__cce_faq_00430_b18757136122913">ingressClassName</strong>.<p id="cce_10_0508__cce_faq_00430_p1593022211170"><span><img id="cce_10_0508__cce_faq_00430_image16676201821713" src="en-us_image_0000002218659254.png"></span></p>
</li></ul>
</div>
</p></li><li id="cce_10_0508__cce_faq_00430_li56502032131211"><span>Ensure that the ingress is managed by the Nginx ingress Controller. The LoadBalancer Ingresses are not affected by this issue.</span><p><ul id="cce_10_0508__cce_faq_00430_ul17621181381814"><li id="cce_10_0508__cce_faq_00430_li1162117132189">For clusters of v1.19, confirm this issue using <strong id="cce_10_0508__cce_faq_00430_b7997452193014">managedFields</strong>.<pre class="screen" id="cce_10_0508__cce_faq_00430_screen1714335831816">kubectl get ingress &lt;ingress-name&gt; -oyaml | grep 'manager: nginx-ingress-controller'</pre>
<p id="cce_10_0508__cce_faq_00430_p5836155781714"><span><img id="cce_10_0508__cce_faq_00430_image168361457171717" src="en-us_image_0000002218819094.png"></span></p>
</li><li id="cce_10_0508__cce_faq_00430_li3621413161816">For clusters of other versions, check the logs of the NGINX Ingress Controller pod.<pre class="screen" id="cce_10_0508__cce_faq_00430_screen1232816121915"> kubectl logs -nkube-system cceaddon-nginx-ingress-controller-545db6b4f7-bv74t | grep 'updating Ingress status'</pre>
<p id="cce_10_0508__cce_faq_00430_p186373269187"><span><img id="cce_10_0508__cce_faq_00430_image263772641816" src="en-us_image_0000002253778885.png"></span></p>
</li></ul>
<p id="cce_10_0508__cce_faq_00430_p059415271181">If the fault persists, contact technical support.</p>
</p></li></ol>
<p id="cce_10_0508__p147351424273"><strong id="cce_10_0508__b1628152835313">For Check Item 2</strong></p>
<ol id="cce_10_0508__ol18116183214285"><li id="cce_10_0508__li1811612323280"><span>View the DefaultBackend Service in the namespace where the NGINX Ingress Controller is deployed.</span><p><pre class="screen" id="cce_10_0508__screen13699195913315">kubectl get pod cceaddon-nginx-ingress-<i><span class="varname" id="cce_10_0508__varname46501538195311">&lt;controller-name&gt;</span></i>-controller-*** -n <i><span class="varname" id="cce_10_0508__varname11962144285312">&lt;namespace&gt;</span></i> -oyaml | grep 'default-backend'</pre>
<p id="cce_10_0508__p5642241103713">In the preceding command, <em id="cce_10_0508__i12761134319220">cceaddon-nginx-ingress-&lt;controller-name&gt;-controller-***</em> is the controller pod name, <em id="cce_10_0508__i17482154712216">&lt;controller-name&gt;</em> is the controller name specified during add-on installation, and <em id="cce_10_0508__i9673152431">&lt;namespace&gt;</em> is the namespace where the controller is deployed.</p>
<p id="cce_10_0508__p28531613339">Command output:</p>
<pre class="screen" id="cce_10_0508__screen1157916595321">- '--default-backend-service=<i><span class="varname" id="cce_10_0508__varname4513164855312">&lt;namespace&gt;</span></i>/<i><span class="varname" id="cce_10_0508__varname62195235314">&lt;backend-svc-name&gt;</span></i>'</pre>
<p id="cce_10_0508__p162311656113313">In the preceding command, <em id="cce_10_0508__i764919241832">&lt;backend-svc-name&gt;</em> is the name of the DefaultBackend Service for the NGINX Ingress Controller.</p>
</p></li><li id="cce_10_0508__li2843182413916"><span>Check whether the DefaultBackend Service of the NGINX Ingress Controller is available.</span><p><pre class="screen" id="cce_10_0508__screen469419113514">kubectl get svc <i><span class="varname" id="cce_10_0508__varname789715418567">&lt;backend-svc-name&gt;</span></i> -n <i><span class="varname" id="cce_10_0508__varname957715711567">&lt;namespace&gt;</span></i></pre>
<p id="cce_10_0508__p77091259360">If the Service is unavailable, this check item failed.</p>
</p></li></ol>
</div>
<div class="section" id="cce_10_0508__section8973926101120"><h4 class="sectiontitle">Solution</h4><p id="cce_10_0508__p17629183393519"><strong id="cce_10_0508__b088118476538">For Check Item 1</strong></p>
<p id="cce_10_0508__en-us_topic_0000001659189684_p13346153819912">Add an annotation to the Nginx ingresses as follows:</p>
<pre class="screen" id="cce_10_0508__en-us_topic_0000001659189684_screen93945694">kubectl annotate ingress &lt;ingress-name&gt; kubernetes.io/ingress.class=nginx</pre>
<div class="notice" id="cce_10_0508__en-us_topic_0000001659189684_note034817533515"><span class="noticetitle"><img src="public_sys-resources/notice_3.0-en-us.png"> </span><div class="noticebody"><p id="cce_10_0508__en-us_topic_0000001659189684_p434815583516">There is no need to add this annotation to LoadBalancer ingresses. <a href="#cce_10_0508__section18775201773016">Verify</a> that these ingresses are managed by NGINX Ingress Controller.</p>
</div></div>
<p id="cce_10_0508__p64774443359"><strong id="cce_10_0508__b15470125017537">For Check Item 2</strong></p>
<div class="p" id="cce_10_0508__p18271347173710">Create the DefaultBackend Service again.<ul id="cce_10_0508__ul10268210388"><li id="cce_10_0508__li6301153512388">If a custom DefaultBackend Service has been specified in the default 404 service configuration during add-on installation, create the same Service.</li><li id="cce_10_0508__li13262023382">If the default DefaultBackend Service is used during add-on installation, the re-created YAML example is as follows:<pre class="screen" id="cce_10_0508__screen1948212387435">apiVersion: v1
kind: Service
metadata:
name: cceaddon-nginx-ingress-<i><span class="varname" id="cce_10_0508__varname16591155052">&lt;controller-name&gt;</span></i>-default-backend # <i><span class="varname" id="cce_10_0508__varname14403621195720">&lt;controller-name&gt;</span></i> is the controller name.
namespace: kube-system
labels:
app: nginx-ingress-<i><span class="varname" id="cce_10_0508__varname754571311510">&lt;controller-name&gt;</span></i>
app.kubernetes.io/managed-by: Helm
chart: nginx-ingress-<i><span class="varname" id="cce_10_0508__varname1650410357">&lt;version&gt;</span></i> # <i><span class="varname" id="cce_10_0508__varname1557833675716">&lt;version&gt;</span></i> is the add-on version.
component: default-backend
heritage: Helm
release: cceaddon-nginx-ingress-<i><span class="varname" id="cce_10_0508__varname146776511558">&lt;controller-name&gt;</span></i>
annotations:
meta.helm.sh/release-name: cceaddon-nginx-ingress-<i><span class="varname" id="cce_10_0508__varname18195551856">&lt;controller-name&gt;</span></i>
meta.helm.sh/release-namespace: <i><span class="varname" id="cce_10_0508__varname67781110980">kube-system</span></i> # Namespace where the add-on is installed
spec:
ports:
- name: http
protocol: TCP
port: 80
targetPort: http
selector:
app: nginx-ingress-<i><span class="varname" id="cce_10_0508__varname123506231062">&lt;controller-name&gt;</span></i>
component: default-backend
release: cceaddon-nginx-ingress-<i><span class="varname" id="cce_10_0508__varname1796135712711">&lt;controller-name&gt;</span></i>
type: ClusterIP
sessionAffinity: None
ipFamilies:
- IPv4
ipFamilyPolicy: SingleStack
internalTrafficPolicy: Cluster</pre>
</li></ul>
</div>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="cce_10_0550.html">Troubleshooting for Pre-upgrade Check Exceptions</a></div>
</div>
</div>
View Git Blame Copy Permalink