[Kong Ingress Controller] Ingress Rule results in 400/Bad Request

Questions
1

Hi All,
I’m trying to set up a load balancing ingress rule for Kong, here is my load balancer Service:

      apiVersion: v1
  kind: Service
  metadata:
    name: kong-proxy
    namespace: kong
    labels:
      k8s-addon: ingress-nginx.addons.k8s.io
    annotations:
      service.beta.kubernetes.io/aws-load-balancer-ssl-cert: [redacted]
      service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags: "[redacted]"
      service.beta.kubernetes.io/aws-load-balancer-backend-protocol: "tcp"
      service.beta.kubernetes.io/aws-load-balancer-proxy-protocol: "*"
      service.beta.kubernetes.io/aws-load-balancer-ssl-ports: '443'
      service.beta.kubernetes.io/aws-load-balancer-internal:  [redacted]
  spec:
    loadBalancerSourceRanges:
    - [redacted]
    type: LoadBalancer
    ports:
    - name: https
      port: 443
      targetPort: 8000
    - name: http
      port: 80
      targetPort: 8000
    selector:
      app: kong

And my ingress Rule

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: http-svc
  namespace: kong
  annotations:
    kubernetes.io/ingress.class: "kong-internal"
spec:
  rules:
  - host: someAWSLoadBalancerURL.com
    http:
      paths:
      - path: /test/
        backend:
          serviceName: http-svc
          servicePort: 80

So if I call someAWSLoadBalancerURL.com/test I get a Bad Request

However if I exec into the kong proxy container and run:

curl http://localhost:8000/test/ -H 'Host: someAWSLoadBalancerURL.com'

I get the expected response:

Hostname: http-svc-7dd9588c5-9x7wt

Pod Information:
node name: ip-10-97-35-164.ec2.internal
pod name: http-svc-7dd9588c5-9x7wt
pod namespace: kong
pod IP: 100.96.5.76

Server values:
server_version=nginx: 1.13.3 - lua: 10008

Request Information:
client_address=100.96.4.30
method=GET
real path=/test
query=
request_version=1.1
request_uri=http://100.96.5.76:8080/test

I’m trying to figure out where I’m missing my step, Kong is obviously configured correctly, but it doesn’t handle any response that comes from the loadbalancer. Thoughts?

2

Hello @anthonyk,

Are you getting a bad request from the LB or from Kong?
Have you made sure that Kong instances are registered properly with the AWS LB?

3

@hbagdi
Hi Im having the same issue

Error getting generated from Kong,

Kong registered with LB

image
image927×203 16.3 KB

4

Based on the screenshot, it seems that https port is sending traffic to 30819.
Here is how I would go about debugging this:

  1. Ensure that http requests go through
  2. If 1 works, then the problem is specific to https, in that case, make sure that traffic being forwarded from ELB is sent to the right port. Meaning, https traffic should be sent to https port. If you are terminate https at elb, then you should send all traffic, port 80 and 443, to the http port of kong.