Ingress controller generates wrong port number in haproxy.cfg
georgetsr opened this issue · comments
Description of the problem
Creating the following ingress:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
haproxy-ingress.github.io/tcp-service-port: "8222"
labels:
app: gitlab-git
name: gitlab-git-default
namespace: gitlab
spec:
ingressClassName: haproxy
rules:
- http:
paths:
- backend:
service:
name: gitlab-gitlab-shell
port:
number: 8222
path: /
pathType: ImplementationSpecific
The service definition is:
apiVersion: v1
kind: Service
metadata:
annotations:
meta.helm.sh/release-name: gitlab
meta.helm.sh/release-namespace: gitlab
labels:
app: gitlab-shell
app.kubernetes.io/managed-by: Helm
chart: gitlab-shell-7.0.5
heritage: Helm
release: gitlab
name: gitlab-gitlab-shell
namespace: gitlab
spec:
internalTrafficPolicy: Cluster
ipFamilies:
- IPv4
ipFamilyPolicy: SingleStack
ports:
- name: ssh
port: 8222
protocol: TCP
targetPort: 2222
selector:
app: gitlab-shell
release: gitlab
sessionAffinity: None
type: ClusterIP
Looking the generated haproxy.cfg inside the pod i can see the following:
....
backend gitlab_gitlab-gitlab-shell_2222
mode tcp
balance roundrobin
server srv001 100.96.1.9:2222 weight 1 check inter 2s
server srv002 100.96.2.176:2222 weight 1 check inter 2s
server srv003 127.0.0.1:1023 disabled weight 1 check inter 2s
server srv004 127.0.0.1:1023 disabled weight 1 check inter 2s
server srv005 127.0.0.1:1023 disabled weight 1 check inter 2s
server srv006 127.0.0.1:1023 disabled weight 1 check inter 2s
server srv007 127.0.0.1:1023 disabled weight 1 check inter 2s
server srv008 127.0.0.1:1023 disabled weight 1 check inter 2s
....
# # # # # # # # # # # # # # # # # # #
# #
# TCP SERVICES frontends
#
frontend _front_tcp_8222
bind :8222
mode tcp
default_backend gitlab_gitlab-gitlab-shell_2222
....
Any request on port 8222 results in TIMEOUT as the backend ports do not exist
Expected behavior
Would expect the generated backend configuration to be:
backend gitlab_gitlab-gitlab-shell_8222
mode tcp
balance roundrobin
server srv001 100.96.1.9:8222 weight 1 check inter 2s
server srv002 100.96.2.176:8222 weight 1 check inter 2s
server srv003 127.0.0.1:1023 disabled weight 1 check inter 2s
server srv004 127.0.0.1:1023 disabled weight 1 check inter 2s
server srv005 127.0.0.1:1023 disabled weight 1 check inter 2s
server srv006 127.0.0.1:1023 disabled weight 1 check inter 2s
server srv007 127.0.0.1:1023 disabled weight 1 check inter 2s
server srv008 127.0.0.1:1023 disabled weight 1 check inter 2s
and get a successful connection on port 8222 on the ingress node
Steps to reproduce the problem
- Apply the above manifests
Environment information
- Kubernetes version 1.25.10
- HAproxy Ingress controller chart version 0.14.3
HAProxy Ingress version: v0.14.3
Command-line options:
(paste command-line options here)
Global options:
(paste global configmap options here)
Ingress objects:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
haproxy-ingress.github.io/tcp-service-port: "8222"
labels:
app: gitlab-git
name: gitlab-git-default
namespace: gitlab
spec:
ingressClassName: haproxy
rules:
- http:
paths:
- backend:
service:
name: gitlab-gitlab-shell
port:
number: 8222
path: /
pathType: ImplementationSpecific
Seems that It's the expected behavior.
Sorry/