Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

The ingress_controller spec make the ingress invalid if using the default ingress_path "/" #1370

Closed
3 tasks done
guillaumelfv opened this issue Apr 19, 2023 · 3 comments · Fixed by #1374
Closed
3 tasks done

The ingress_controller spec make the ingress invalid if using the default ingress_path "/" #1370

guillaumelfv opened this issue Apr 19, 2023 · 3 comments · Fixed by #1374
Labels
community type:bug Something isn't working

Comments

@guillaumelfv
Copy link
Contributor

Please confirm the following

  • I agree to follow this project's code of conduct.
  • I have checked the current issues for duplicates.
  • I understand that the AWX Operator is open source software provided for free and that I might not receive a timely response.

Bug Summary

The new ingress_controller spec break the deployment while using the ingress_path "/". It fail the deployment as https://github.com/ansible/awx-operator/blob/2.0.1/roles/installer/templates/networking/ingress.yaml.j2#L37 is becoming //websocket and it does not seems valid for an ingress.

AWX Operator version

2.0.1

AWX version

22.1.0

Kubernetes platform

kubernetes

Kubernetes/Platform version

v1.21.6

Modifications

no

Steps to reproduce

Use the following ingress specs:

ingress_type: ingress
  ingress_class_name: "contour"
  ingress_controller: contour
  ingress_path: /
  ingress_path_type: Prefix

Expected results

Using the default ingress_path / should not failed the deployment

Actual results

Trying to upgrade from 2.0.0 to 2.0.1 and using the newly introduced spec:

ingress_controller: contour

the full ingress spec is as follow:

ingress_type: ingress
  ingress_class_name: "contour"
  ingress_controller: contour
  ingress_path: /
  ingress_path_type: Prefix
  ingress_annotations: |
    ingress.kubernetes.io/force-ssl-redirect: "true"

It fail the deployment as https://github.com/ansible/awx-operator/blob/2.0.1/roles/installer/templates/networking/ingress.yaml.j2#L37 is becoming //websocket and the deployment fail with:

"Failure\\\",\\\"message\\\":\\\"Ingress.extensions \\\\\\\\\\\"awx-ingress\\\\\\\\\\\" is invalid: spec.rules[0].http.paths[1].path: Invalid value: \\\\\\\\\\\"//websocket\\\\\\\\\\\": must not contain \\\\'//\\\\'\\\",\\\"reason\\\":\\\"Invalid\\\",\\\"details\\\":{\\\"name\\\":\\\"awx-ingress\\\",\\\"group\\\":\\\"extensions\\\",\\\"kind\\\":\\\"Ingress\\\",\\\"causes\\\":[{\\\"reason\\\":\\\"FieldValueInvalid\\\",\\\"message\\\":\\\"Invalid value: \\\\\\\\\\\"//websocket\\\\\\\\\\\": must not contain \\\\'//\\\\'\\\",\\\"field\\\":\\\"spec.rules[0].http.paths[1].path\\\"}]},\\\"code\\\":422}\\\\n'\", \"reason\": \"Unprocessable Entity\"}\n\r\nPLAY RECAP *********************************************************************\r\nlocalhost                  : ok=60   changed=0    unreachable=0    failed=1    skipped=63   rescued=0    ignored=0   \r\n\n","job":"2393221571015465150","name":"awx","namespace":"awx","error":"exit status 2","stacktrace":"github.com/operator-framework/operator-sdk/internal/ansible/runner.(*runner).Run.func1\n\t/workspace/internal/ansible/runner/runner.go:269"}

"Invalid value: \\\\\\\\\\\"//websocket\\\\\\\\\\\": must not contain \\\\'//\\\\'\\\"

Additional information

No response

Operator Logs

"Failure\\\",\\\"message\\\":\\\"Ingress.extensions \\\\\\\\\\\"awx-ingress\\\\\\\\\\\" is invalid: spec.rules[0].http.paths[1].path: Invalid value: \\\\\\\\\\\"//websocket\\\\\\\\\\\": must not contain \\\\'//\\\\'\\\",\\\"reason\\\":\\\"Invalid\\\",\\\"details\\\":{\\\"name\\\":\\\"awx-ingress\\\",\\\"group\\\":\\\"extensions\\\",\\\"kind\\\":\\\"Ingress\\\",\\\"causes\\\":[{\\\"reason\\\":\\\"FieldValueInvalid\\\",\\\"message\\\":\\\"Invalid value: \\\\\\\\\\\"//websocket\\\\\\\\\\\": must not contain \\\\'//\\\\'\\\",\\\"field\\\":\\\"spec.rules[0].http.paths[1].path\\\"}]},\\\"code\\\":422}\\\\n'\", \"reason\": \"Unprocessable Entity\"}\n\r\nPLAY RECAP *********************************************************************\r\nlocalhost                  : ok=60   changed=0    unreachable=0    failed=1    skipped=63   rescued=0    ignored=0   \r\n\n","job":"2393221571015465150","name":"awx","namespace":"awx","error":"exit status 2","stacktrace":"github.com/operator-framework/operator-sdk/internal/ansible/runner.(*runner).Run.func1\n\t/workspace/internal/ansible/runner/runner.go:269"}

"Invalid value: \\\\\\\\\\\"//websocket\\\\\\\\\\\": must not contain \\\\'//\\\\'\\\"
@guillaumelfv guillaumelfv changed the title The new ingress_controller spec break the deployment while using the ingress_path "/" The new ingress_controller spec break the deployment while using the default ingress_path "/" Apr 19, 2023
@guillaumelfv
Copy link
Contributor Author

@lumarel fyi in case its of interest. I am curious to know if its linked to something specific on my cluster or if on your side you do not use default ingress_path / ?

@guillaumelfv guillaumelfv changed the title The new ingress_controller spec break the deployment while using the default ingress_path "/" The ingress_controller spec make the ingress invalid if using the default ingress_path "/" Apr 19, 2023
@fosterseth fosterseth added type:bug Something isn't working and removed needs_triage labels Apr 19, 2023
@lumarel
Copy link
Contributor

lumarel commented Apr 19, 2023
edited
Loading

@guillaumelfv Tbh, I really just messed up the PR... (as mentioned in the PR I was not able to spin up the tests as described in the docs)
I'm using the ingress_path in it's default configuration in my environments.
The resulting ingress should look like in this comment tbh, and this is also how it works:
ansible/awx#9747 (comment)
But looks like I was not accounting for the single / in the default configuration.

Which means there is either an extra step needed, to make sure there is only one, or just the / has to be removed.

@lumarel lumarel mentioned this issue Apr 19, 2023
Merged
@lumarel
Copy link
Contributor

lumarel commented May 8, 2023

Just tested the new release, works very well now @guillaumelfv !
All needed is

---
apiVersion: awx.ansible.com/v1beta1
kind: AWX
metadata:
  name: awx
spec:
  ingress_type: Ingress
  ingress_tls_secret: awx-ingress-tls
  ingress_controller: contour
  hostname: awx.example.com

awx-ingress-tls must be a cert trusted by your client.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
community type:bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fixes #1370 - slash at variable end lumarel/awx-operator
3 participants
@fosterseth @guillaumelfv @lumarel