Kong Ingress controller serve different path to the backend service

#1

Can I create a custom path in my Ingress resource to work with kong-ingress-controller.
Currently I have:

apiVersion: configuration.konghq.com/v1
kind: KongIngress
metadata:
  name:  example-kongingress
  #namespace: example
proxy:
  path: /
route:
  methods:
  - POST
  - PUT
  - DELETE
  - PATCH
  - GET
  - OPTIONS
  protocols:
  - https
  - http
  strip_path: true
  preserve_host: true
proxy:
  protocol: http #https
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: zcrm365-sandbox-ingress
  annotations:
    kubernetes.io/ingress.class: "kong"
    certmanager.k8s.io/cluster-issuer: letsencrypt-staging
    configuration.konghq.com: example-kongingress
    certmanager.k8s.io/acme-challenge-type: http01
    kubernetes.io/tls-acme: "true"
    certmanager.k8s.io/acme-http01-edit-in-place: "true"
spec:
  rules:
  - host: zcrm365sand.possibilit.nl
    http:
      paths:
        - path: "/priva"
          backend:
            serviceName: zcrm365sandbox
            servicePort: 80
  tls:
  - hosts:
    - zcrm365sand.possibilit.nl
    secretName: letsencrypt-staging

And I want to go to http://zcrm365sand.possibilit.nl/priva looks like it works, but I get the following error in relation to my Swagger API which is the service that I want to reach

image

Is there something to keep in mind to work with a different path to our service?

0 Likes

#2

Hi @bgarcial,

Not sure if I understand you correctly but do you wish to proxy /swagger/v1/swagger.json to /some/other/path/swagger/v1/swagger.json?

If that is what you want, it can be done using proxy.path parameter, which you’ve currently set to /.

1 Like

#3

Hi @hbagdi, thanks for your answer

I’m trying to create a KongIngress resources for a single service so that I can specify a different proxy path for a specified path

proxy path: /
ingress path: /priva

So, my Kong-Ingress and Ingress resources are the following:

apiVersion: configuration.konghq.com/v1
kind: KongIngress
metadata:
  name: kong-sandbox-ingress-config
  namespace: kong
config:
    headers: [Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Auth-Token, Location, Authorization]
    exposed_headers: [X-Auth-Token, Location, Authorization]
upstream:
  name: zcrm365sand.possibilit.nl
  hash_on: ip
  hash_fallback: none
  hash_on_cookie_path: "/priva"
  healthchecks:
    active:
      concurrency: 10
      healthy:
        http_statuses:
        - 200
        - 302
        interval: 0
        successes: 0
      http_path: "/priva"
      timeout: 1
      unhealthy:
        http_failures: 0
        http_statuses:
        - 429
        - 404
        - 500
        - 501
        - 502
        - 503
        - 504
        - 505
        interval: 0
        tcp_failures: 0
        timeouts: 0
    passive:
      healthy:
        http_statuses:
        - 200
        - 201
        - 202
        - 203
        - 204
        - 205
        - 206
        - 207
        - 208
        successes: 0
      unhealthy:
        http_failures: 0
        http_statuses:
        - 429
        - 500
        - 503
        tcp_failures: 0
        timeouts: 0
    slot: 10
proxy:
  path: /swagger/v1/swagger.json
route:
  protocol: http
  methods:
  - POST
  - GET
  regex_priority: 0
  strip_path: true # change or not
  preserve_host: true
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: zcrm365-sandbox-ingress
  namespace: kong
  annotations:
    kubernetes.io/ingress.class: "kong"
    certmanager.k8s.io/cluster-issuer: letsencrypt-prod #letsencrypt-staging
    configuration.konghq.com: kong-sandbox-ingress-config
    certmanager.k8s.io/acme-challenge-type: http01
    kubernetes.io/tls-acme: "true"
    certmanager.k8s.io/acme-http01-edit-in-place: "true"
spec:
  tls:
  - hosts:
    - zcrm365sand.possibilit.nl
    secretName: letsencrypt-prod #-staging
  rules:
  - host: zcrm365sand.possibilit.nl
    http:
      paths:
        - path: "/priva"  #Navigator
          backend:
            serviceName: zcrm365-sandbox
            servicePort: 80

I got the following cases of behavior:

  • When I access the URL http://zcrm365sand.possibilit.nl/priva
    I get the content served from path: /; instead of path:/priva
    This means that I get access to http://zcrm365sand.possibilit.nl/ and I don’t want to configure routes there

  • When I access the URL http://zcrm365sand.possibilit.nl/priva/
    I get the content served from path: /priva/; instead of path:/priva
    But it happens that I have to add to my path the ‘/’ at the end this means path: /priva/

An also my KongIngress resource not found the swagger content json
indicating that the kong-sandbox-ingress KongIngress resource is not being configured right but I fail to see any misconfigurations with the Ingress definitions.

But when I try with httpie command I get a 200 status code from these two route

    ⟩ http http://zcrm365sand.possibilit.nl/priva
    HTTP/1.1 200 OK
    Connection: keep-alive
    Content-Type: application/json;charset=utf-8
    Date: Tue, 09 Apr 2019 12:52:45 GMT
    Server: Kestrel
    Transfer-Encoding: chunked
    Via: kong/1.0.0
    X-Kong-Proxy-Latency: 0
    X-Kong-Upstream-Latency: 2

    {
        "definitions": {},
        "info": {
            "title": "ZAccountSync API",
            "version": "v1"
        },
        "paths": {
            "/api/AccountSync": {
                "post": {
                    "consumes": [],
                    "operationId": "Post",
                    "parameters": [],
                    "produces": [],
                    "responses": {
                        "200": {
                            "description": "Success"
                        }
                    },
                    "tags": [
                        "AccountSync"
                    ]
                }
            }
        },
        "swagger": "2.0"
    }
⟩ http http://zcrm365sand.possibilit.nl/priva/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Date: Tue, 09 Apr 2019 12:57:07 GMT
Server: Kestrel
Transfer-Encoding: chunked
Via: kong/1.0.0
X-Kong-Proxy-Latency: 0
X-Kong-Upstream-Latency: 3

{
    "definitions": {},
    "info": {
        "title": "ZAccountSync API",
        "version": "v1"
    },
    "paths": {
        "/api/AccountSync": {
            "post": {
                "consumes": [],
                "operationId": "Post",
                "parameters": [],
                "produces": [],
                "responses": {
                    "200": {
                        "description": "Success"
                    }
                },
                "tags": [
                    "AccountSync"
                ]
            }
        }
    },
    "swagger": "2.0"
}

And I can see the path in my route table on kong database and is the /swagger/v1/swagger.json value

I am not sure if I am ignoring something in relation to indicate to kong what is my URL Swagger API address, and also here, I’ve found some similar situation reported like an issue, although looks like something expected https://github.com/Kong/kong/issues/4469

I am using Kong Ingress Controller v0.3.0 and Kong v 1.0.0

0 Likes

#4

To best my knowledge the KongIngress rule and Ingress rule must have the same name or they will not get matched up together.

Also a thing used to be the KongIngress must be created before the Ingress rule (so if you’re using Helm that is something to remember, as Helm has it’s own ordering) I think this is still the case in the current version.

The proxy path - again to best my knowledge - applies to all ingress rules mapping to the same backend service. So if you have 2 ingress rules mapping to the same backend service, you cannot specify a different proxy path override for both.

We had to start using a URL rewrite plugin to accomodate that requirement. Not sure if that is your direct problem though but I figured I’d mention it in case you run into it.

Also you do not mention using this but I recommend a simple HTTP echo service that echos out your full request and headers as a response to troubleshoot these sorts of issues.

1 Like