edge-stack is failing to route traffic on port 8443 after exposing it, with HTTP 404 error.
Casey did a little bit of digging, and according to him the virtual host and the server names are not propagated correctly for some reason.
The port is exposed to Kubernetes:
kubectl get services
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ambassador LoadBalancer 11.111.222.111 localhost 80:31769/TCP,443:31982/TCP,8443:31695/TCP 54d
We do use the lua script in the Module that strips the port from authority.
apiVersion: getambassador.io/v3alpha1
kind: Module
metadata:
name: ambassador
namespace: alpha-ambassador
spec:
config:
# Use the items below for config fields
lua_scripts: |
function envoy_on_request(request_handle)
local authority = request_handle:headers():get(":authority")
if(string.find(authority, ":") ~= nil)
then
local authority_index = string.find(authority, ":")
local stripped_authority = string.sub(authority, 1, authority_index - 1)
request_handle:headers():replace(":authority", stripped_authority)
end
end
This is the Mapping object:
apiVersion: getambassador.io/v2
kind: Mapping
metadata:
name: guestbook-mapping
spec:
grpc: false
host: "^example\\.com:8443$"
host_regex: true
prefix: /
rewrite: ""
service: guestbook:80
We also tried to add this Host object, but it didn't help:
apiVersion: getambassador.io/v2
kind: Host
metadata:
name: example.com-8443
spec:
acmeProvider:
authority: none
hostname: '*.example.com:8443'
selector:
matchLabels:
hostname: example.com:8443
tls:
alpn_protocols: h2
tlsSecret:
name: example-com-server-secret
edge-stack is failing to route traffic on port 8443 after exposing it, with HTTP 404 error.
Casey did a little bit of digging, and according to him the virtual host and the server names are not propagated correctly for some reason.
The port is exposed to Kubernetes:
We do use the lua script in the Module that strips the port from authority.
This is the Mapping object:
We also tried to add this Host object, but it didn't help: