Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SS-1141 Added info on how to setup the custom backend for the errors on k8s level #62

Merged
merged 2 commits into from
Nov 27, 2024
Merged
Show file tree
Hide file tree
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
147 changes: 147 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,153 @@ as these things will be provided by your cloud provider.

But in case of a local deployment, navigate to the next section.

#### Setting up remote cluster

##### Setting up custom error backend

On remote environment each namespace should have a custom error backend setup for the nginx.
This is done by creating the following ConfigMaps and Services in the namespace:

This only needs to be applied once per namespace.

Configuration for the default backend: service and handling of a 404 error on a subdomain level (wild card domain).

Create `custom-error-backent.yaml` file with the following content.
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  1. Typo: -backent
  2. Totally up to you, but personally I would prefer to have custom-error-backend.yaml as a file, not just in the README. It's so long (and important), it deserves to be a file I think.

Don't forget to change the host name for the wildcard in case you are deploying the environment other than production.

<details>
<summary>Click to see the content of the custom-error-backend.yaml file</summary>

```yaml
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think the indentation is incorrect for this code fencing. Does not look right when looking at the rendered README.

---
apiVersion: v1
kind: Service
metadata:
name: nginx-errors
labels:
app.kubernetes.io/name: nginx-errors
app.kubernetes.io/part-of: ingress-nginx
spec:
selector:
app.kubernetes.io/name: nginx-errors
app.kubernetes.io/part-of: ingress-nginx
ports:
- port: 80
targetPort: 8080
name: http
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-errors
labels:
app.kubernetes.io/name: nginx-errors
app.kubernetes.io/part-of: ingress-nginx
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: nginx-errors
app.kubernetes.io/part-of: ingress-nginx
template:
metadata:
labels:
app.kubernetes.io/name: nginx-errors
app.kubernetes.io/part-of: ingress-nginx
spec:
containers:
- name: nginx-error-server
# Update the image if there is a new version available
image: registry.k8s.io/ingress-nginx/custom-error-pages:v1.0.2@sha256:b2259cf6bfda813548a64bded551b1854cb600c4f095738b49b4c5cdf8ab9d21
ports:
- containerPort: 8080
# Mounting custom error page from ConfigMap 1
volumeMounts:
- name: custom-error-pages-404
mountPath: /www/404.html
subPath: 404.html
# Mounting custom error page from ConfigMap 2
- name: custom-error-pages-503
mountPath: /www/503.html
subPath: 503.html

# Mounting volumes from two ConfigMaps
volumes:
- name: custom-error-pages-404
configMap:
name: custom-error-pages-404
items:
- key: "404"
path: "404.html"
- name: custom-error-pages-503
configMap:
name: custom-error-pages-503
items:
- key: "503"
path: "503.html"
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/custom-http-errors: 503,404
nginx.ingress.kubernetes.io/default-backend: nginx-errors
name: wildcard-test-srv-dev
namespace: serve-dev
spec:
defaultBackend:
service:
name: nginx-errors
port:
number: 80
rules:
# Change this if you are using a different domain
- host: '*.serve.scilifelab.se'
http:
paths:
- backend:
service:
name: nginx-errors
port:
number: 80
path: /404.html
pathType: ImplementationSpecific
tls:
- hosts:
# Change this if you are using a different domain
- '*.serve.scilifelab.se'
secretName: prod-ingress
---
# Custom error page configMap for the 404 error
apiVersion: v1
kind: ConfigMap
metadata:
name: custom-error-pages-404
data:
"404": "Error"
---
# Custom error page configMap for the 503 error
apiVersion: v1
kind: ConfigMap
metadata:
name: custom-error-pages-503
data:
"503": "Error"
```
</details>

Apply the configuration to the namespace:
```bash
$ kubectl apply -f custom-error-backend.yaml
```

In the rancher dashboard change the values for configmaps `custom-error-pages-404` and `custom-error-pages-503` to
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would advice against using Rancher's dashboard features to edit ConfigMaps. Not that it would not work, just that it's very easy to make mistakes. Instead, I suggest you create the ConfigMaps using kubectl.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was trying my best to set it up via config map, but it kept giving me errors like this for:: invalid JSON document or unicode errors.

Rancher's forms were able to handle this, so I went with them

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should be possible to do like this:

kubectl create configmap custom-error-pages --from-file 404=./html/404.html --from-file 503=./html/503.html

The result should look similar to this: https://github.com/kubernetes/ingress-nginx/blob/6ceccbd67b140b7626670ad17f926f121a9e5563/docs/examples/customization/custom-errors/custom-default-backend-error_pages.configMap.yaml

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There were apparently a misconfiguration in Rancher causing this to break. It's fixed now.

the following error pages. Don't forget to change the host names in the html pages.

Take `404.html` file from [here](error-page-404.html)

Take `503.html` file from [here](error-page-503.html)
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
Take `404.html` file from [here](error-page-404.html)
Take `503.html` file from [here](error-page-503.html)
You find the error pages in [error-page-404.html](error-page-404.html) and [error-page-503.html](error-page-503.html).


#### Setup for local deployment

If you are going to run this locally, you need to have a Kubernetes cluster running on your machine.
Expand Down
2 changes: 1 addition & 1 deletion apps/custom-app/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: v1
appVersion: "0.1"
description: A Helm chart for a standard serve app
name: custom-app
version: 1.1.0
version: 1.1.1
maintainers:
- name: Team Whale
email: [email protected]
2 changes: 2 additions & 0 deletions apps/custom-app/templates/ingress.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,8 @@ metadata:
nginx.ingress.kubernetes.io/auth-url: "{{ .Values.global.protocol }}://{{ .Values.global.auth_domain }}:8080/auth/?release={{ .Values.release }}"
nginx.ingress.kubernetes.io/auth-signin: "https://{{ .Values.global.domain }}/accounts/login/?next=$scheme%3A%2F%2F$host"
{{- end }}
nginx.ingress.kubernetes.io/custom-http-errors: "503"
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In the README, you give instructions for configuring both 404 and 503, yet here you only configure 503. Is that intentional?

nginx.ingress.kubernetes.io/default-backend: nginx-errors
spec:
rules:
- host: {{ .Release.Name }}.{{ .Values.global.domain }}
Expand Down
2 changes: 1 addition & 1 deletion apps/dash/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: v1
appVersion: "0.1"
description: A Helm chart Dash apps
name: dash-app
version: 1.0.2
version: 1.0.3
maintainers:
- name: Team Whale
email: [email protected]
2 changes: 2 additions & 0 deletions apps/dash/templates/ingress.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,8 @@ metadata:
nginx.ingress.kubernetes.io/auth-url: "{{ .Values.global.protocol }}://{{ .Values.global.auth_domain }}:8080/auth/?release={{ .Values.release }}"
nginx.ingress.kubernetes.io/auth-signin: "https://{{ .Values.global.domain }}/accounts/login/?next=$scheme%3A%2F%2F$host"
{{- end }}
nginx.ingress.kubernetes.io/custom-http-errors: "503"
nginx.ingress.kubernetes.io/default-backend: nginx-errors
spec:
rules:
- host: {{ .Release.Name }}.{{ .Values.global.domain }}
Expand Down
2 changes: 1 addition & 1 deletion apps/filemanager/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: v1
appVersion: "0.1"
description: A Helm chart for the serve File Manager
name: filemanager
version: 1.0.2
version: 1.0.3
maintainers:
- name: Team Whale
email: [email protected]
2 changes: 2 additions & 0 deletions apps/filemanager/templates/ingress.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,8 @@ metadata:
nginx.ingress.kubernetes.io/auth-url: "{{ .Values.global.protocol }}://{{ .Values.global.auth_domain }}:8080/auth/?release={{ .Values.release }}"
nginx.ingress.kubernetes.io/auth-signin: "https://{{ .Values.global.domain }}/accounts/login/?next=$scheme%3A%2F%2F$host"
{{- end }}
nginx.ingress.kubernetes.io/custom-http-errors: "503"
nginx.ingress.kubernetes.io/default-backend: nginx-errors
name: {{ .Release.Name }}-filemanager-ingress
namespace: {{ .Release.Namespace }}
spec:
Expand Down
2 changes: 1 addition & 1 deletion apps/jupyter-lab/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: v1
appVersion: "0.1"
description: A Helm chart for Jupyter Lab
name: lab
version: 1.0.2
version: 1.0.3
maintainers:
- name: Team Whale
email: [email protected]
2 changes: 2 additions & 0 deletions apps/jupyter-lab/templates/ingress.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,8 @@ metadata:
nginx.ingress.kubernetes.io/auth-url: "{{ .Values.global.protocol }}://{{ .Values.global.auth_domain }}:8080/auth/?release={{ .Values.release }}"
nginx.ingress.kubernetes.io/auth-signin: "https://{{ .Values.global.domain }}/accounts/login/?next=$scheme%3A%2F%2F$host"
#nginx.ingress.kubernetes.io/auth-response-headers: X-Forwarded-Host
nginx.ingress.kubernetes.io/custom-http-errors: "503"
nginx.ingress.kubernetes.io/default-backend: nginx-errors
spec:
rules:
- host: {{ .Release.Name }}.{{ .Values.global.domain }}
Expand Down
2 changes: 1 addition & 1 deletion apps/rstudio/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: v1
appVersion: "0.1"
description: A Helm chart for RStudio in the browser
name: rstudio
version: 1.0.2
version: 1.0.3
maintainers:
- name: Team Whale
email: [email protected]
2 changes: 2 additions & 0 deletions apps/rstudio/templates/ingress.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,8 @@ metadata:
nginx.ingress.kubernetes.io/auth-url: "{{ .Values.global.protocol }}://{{ .Values.global.auth_domain }}:8080/auth/?release={{ .Values.release }}"
nginx.ingress.kubernetes.io/auth-signin: "https://{{ .Values.global.domain }}/accounts/login/?next=$scheme%3A%2F%2F$host"
#nginx.ingress.kubernetes.io/auth-response-headers: X-Forwarded-Host
nginx.ingress.kubernetes.io/custom-http-errors: "503"
nginx.ingress.kubernetes.io/default-backend: nginx-errors
spec:
rules:
- host: {{ .Release.Name }}.{{ .Values.global.domain }}
Expand Down
2 changes: 1 addition & 1 deletion apps/shiny/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: v1
appVersion: "0.1"
description: A Helm chart Shiny apps
name: shinyapp
version: 1.0.3
version: 1.0.4
maintainers:
- name: Team Whale
email: [email protected]
2 changes: 2 additions & 0 deletions apps/shiny/templates/ingress.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,8 @@ metadata:
nginx.ingress.kubernetes.io/auth-url: "{{ .Values.global.protocol }}://{{ .Values.global.auth_domain }}:8080/auth/?release={{ .Values.release }}"
nginx.ingress.kubernetes.io/auth-signin: "https://{{ .Values.global.domain }}/accounts/login/?next=$scheme%3A%2F%2F$host"
{{- end }}
nginx.ingress.kubernetes.io/custom-http-errors: "503"
nginx.ingress.kubernetes.io/default-backend: nginx-errors
spec:
rules:
- host: {{ .Release.Name }}.{{ .Values.global.domain }}
Expand Down
2 changes: 1 addition & 1 deletion apps/shinyproxy/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: v2
name: shinyproxy
description: A Helm chart to install Shinyproxy
type: application
version: 1.4.2
version: 1.4.3
appVersion: "0.1"
maintainers:
- name: Team Whale
Expand Down
2 changes: 2 additions & 0 deletions apps/shinyproxy/templates/ingress.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,8 @@ metadata:
{{- end }}
nginx.ingress.kubernetes.io/proxy-body-size: 2000m
#nginx.ingress.kubernetes.io/auth-response-headers: X-Forwarded-Host
nginx.ingress.kubernetes.io/custom-http-errors: "503"
nginx.ingress.kubernetes.io/default-backend: nginx-errors
spec:
rules:
- host: {{ .Release.Name }}.{{ .Values.global.domain }}
Expand Down
2 changes: 1 addition & 1 deletion apps/tissuumaps/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: v1
appVersion: "0.1"
description: A Helm chart tissuumaps apps
name: tissuumaps
version: 1.0.2
version: 1.0.3
maintainers:
- name: Team Whale
email: [email protected]
2 changes: 2 additions & 0 deletions apps/tissuumaps/templates/ingress.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,8 @@ metadata:
nginx.ingress.kubernetes.io/auth-url: "{{ .Values.global.protocol }}://{{ .Values.global.auth_domain }}:8080/auth/?release={{ .Values.release }}"
nginx.ingress.kubernetes.io/auth-signin: "https://{{ .Values.global.domain }}/accounts/login/?next=$scheme%3A%2F%2F$host"
{{- end }}
nginx.ingress.kubernetes.io/custom-http-errors: "503"
nginx.ingress.kubernetes.io/default-backend: nginx-errors
spec:
rules:
- host: {{ .Release.Name }}.{{ .Values.global.domain }}
Expand Down
2 changes: 1 addition & 1 deletion apps/vscode/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ apiVersion: v1
appVersion: "0.1"
description: A Helm chart for VS code in the browser
name: vscode
version: 1.0.1
version: 1.0.2
maintainers:
- name: Team Whale
email: [email protected]
2 changes: 2 additions & 0 deletions apps/vscode/templates/ingress.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,8 @@ metadata:
nginx.ingress.kubernetes.io/auth-url: "{{ .Values.global.protocol }}://{{ .Values.global.auth_domain }}:8080/auth/?release={{ .Values.release }}"
nginx.ingress.kubernetes.io/auth-signin: "https://{{ .Values.global.domain }}/accounts/login/?next=$scheme%3A%2F%2F$host"
#nginx.ingress.kubernetes.io/auth-response-headers: X-Forwarded-Host
nginx.ingress.kubernetes.io/custom-http-errors: "503"
nginx.ingress.kubernetes.io/default-backend: nginx-errors
spec:
rules:
- host: {{ .Release.Name }}.{{ .Values.global.domain }}
Expand Down
2,955 changes: 2,955 additions & 0 deletions error-page-404.html

Large diffs are not rendered by default.

2,955 changes: 2,955 additions & 0 deletions error-page-503.html

Large diffs are not rendered by default.

Loading