Required Data: Ingress Nginx Controller

Issue

  • I have deployed the NGINX Ingress Controller but I am not able to reach my instances

Required Data for NGINX Ingress Controller

This article describes how to collect the minimum required information for NGINX Ingress Controller on a CloudBees Core on Core Modern installation so that it can be efficiently troubleshooted.

If the required data is bigger than 20 MB you will not be able to use ZenDesk to upload all the information. In this case, we would like to encourage you to use our upload service in order to attach all the required information.

Environment

Automatic Data collection

This is the preferred method if you are using a product supported by the cbsupport CLI.

Current products supporting collecting ingress data are:

Steps to follow are:

  1. Install and configure cbsupport following Using cbsupport CLI to collect the requested data
  2. Run cbsupport required-data ingress
  3. In the command prompt, select the namespace where the ingress controller has been deployed, commonly ingress-nginx
  4. Collect the archive generated in the working directory of cbsupport and attach it to the ticket using our upload service

Manual Data collection

Required Data check list

  •  Kubernetes CloudBees Core resources details
  •  Kubernetes NGINX Ingress Controller resources details
  •  Kubernetes NGINX Ingress Controller pod logs
  •  Reachability of CloudBees Core via DNS from the workstation
  •  Reachability of CloudBees Core via Load Balancer from the workstation
  •  Reachability of CloudBees Core from Host

Pre-Requisites

To facilitate the retrieval of data, export the following variables:

DOMAIN_NAME=<domain-name>
CB_NAMESPACE=<cloudbees-core-namspace>
NGINX_NAMESPACE=<ingress-namespace>
SERVICE_NAME=<nginx-service-name>

Replace:

  • <domain-name> by the domain used for CloudBees Core, like cloudbees-core.example.com
  • by the namespace where CLoudBees Core is deployed
  • <ingress-namespace> by the namespace where NGINX Ingress controller is deployed, usually ingress-nginx
  • <nginx-service-name> by the name of the ingress controller service, that you can retrieve with kubectl get svc -n $NGINX_NAMESPACE (not the “default backend” service). Usually ingress-nginx for manual installation or nginx-ingress-controller for helm installation.

Kubernetes CloudBees Core resources details

Resources of CloudBees Core deployment in the cluster:

kubectl get node,pod,svc,ing,ep -o yaml -n $CB_NAMESPACE > k8s-details.yaml
kubectl get node,pod,svc,ing,ep -o wide -n $CB_NAMESPACE > k8s-details.txt

Kubernetes NGINX Ingress Controller resources details

Resources of the NGINX Ingress Controller deployment in the cluster:

kubectl get pod,svc,ep,cm -o wide -n $NGINX_NAMESPACE > ingress-nginx-details.txt
kubectl get pod,svc,ep,cm -o yaml -n $NGINX_NAMESPACE > ingress-nginx-details.yaml

NGINX Ingress Controller pod logs

Collect the logs of each ingress-controller pod. You can find the NGINX ingress controller pods by running:

kubectl get pod -o wide -n $NGINX_NAMESPACE

Then, for each pod, collect the logs:

kubectl logs $POD_NAME -n $NGINX_NAMESPACE > $POD_NAME.log

Reachability of the CloudBees Core via DNS from the workstation

The output of the following command to ensure that the DNS resolves to an IP address and that CJOC can be reached :

nslookup $DOMAIN_NAME > nslookup.log
curl -IvL http://$DOMAIN_NAME/cjoc > curl-ing-through-dns-http.log 2>&1
curl -IvL https://$DOMAIN_NAME/cjoc > curl-ing-through-dns-https.log 2>&1

Reachability of CloudBees Core via Load Balancer IP from the workstation

Get the “External IP” or IP that the DNS resolves to:

nslookup $DOMAIN_NAME

Test if the ingress controller can be reached through the Load Balancer (replace <external-ip> with the IP address that the DNS resolves to in the output of nslookup command)

EXTERNAL_IP=<external-ip>
curl -IvL -H "Host: $DOMAIN_NAME" http://$EXTERNAL_IP:80/cjoc > curl-ing-through-lb-http.log 2>&1
curl -IvL -H "Host: $DOMAIN_NAME" http://$EXTERNAL_IP:443/cjoc > curl-ing-through-lb-https.log 2>&1

(Note: You may also retrieve the load balancer IP with kubectl get svc $SERVICE_NAME -n $NGINX_NAMESPACE -o jsonpath="{.status.loadBalancer.ingress[0].ip}")

Reachability of CloudBees Core from Host

Retrieve the HTTP and HTTPS node ports that the NGINX ingress controller service is exposing:

echo $(kubectl get svc $SERVICE_NAME -n $NGINX_NAMESPACE -o jsonpath="{.spec.ports[?(@.name=='http')].nodePort}")
echo $(kubectl get svc $SERVICE_NAME -n $NGINX_NAMESPACE -o jsonpath="{.spec.ports[?(@.name=='https')].nodePort}")

Retrieve the node where the NGINX ingress controller pods are running by executing:

kubectl get pod -n $NGINX_NAMESPACE -o yaml | grep nodeName

Log in to a kubernetes node running the NGINX Ingress Controller and test if the ingress controller can be reached directly from there (replace <domain-name> by the domain used for CloudBees Core):

DOMAIN_NAME=<domain-name>
curl -IvL -H "Host: $DOMAIN_NAME" http://0.0.0.0:$HTTP_NODE_PORT/cjoc > curl-ing-from-node-http.log 2>&1
curl -IvL -H "Host: $DOMAIN_NAME" http://0.0.0.0:$HTTPS_NODE_PORT/cjoc > curl-ing-from-node-http.log 2>&1

Collect the files.

References

Have more questions?

0 Comments

Please sign in to leave a comment.