Creating path/routes in Ingress resource and manage them with Kong Ingress controller

development
#1

I am creating routes in an Ingress Resource (frontend) in order to reach a specific backend service via KongIngress resource. (edited)

Currently, the KongIngress and Ingress resources are:

apiVersion: configuration.konghq.com/v1
kind: KongIngress
metadata:
  name: sandbox-ingress-zcrm365
  # namespace: default
proxy:
  protocols:
    - http
    - https
  path: /
route:
  methods:
    - POST
    - GET
  strip_path: true #false
  preserve_host: true
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: sandbox-ingress-zcrm365
  #namespace: default
  annotations:
    kubernetes.io/ingress.class: "kong"
    certmanager.k8s.io/acme-challenge-type: http01
    kubernetes.io/tls-acme: "true"
    certmanager.k8s.io/acme-http01-edit-in-place: "true"
    certmanager.k8s.io/cluster-issuer: letsencrypt-prod # letsencrypt-staging
    configuration.konghq.com: sandbox-ingress-zcrm365
spec:
  rules:
    - host: zcrm365sand.possibilit.nl
      http:
        paths:
          - path: "/"
            backend:
              serviceName: zcrm365sandbox
              servicePort: 80
          - path: "/priva"
            backend:
              serviceName: zcrm365sandbox
              servicePort: 80
  tls:
    - hosts:
        - zcrm365sand.possibilit.nl
      secretName: letsencrypt-prod # letsencrypt-staging

This means that I have the route
https://zcrm365sand.possibilit.nl/priva/ and It’s works.

Why happens this redirect behavior if I remove the / at the end of the route?
It’s happening because I already have enabled thepath: / in my Ingress resource?

This means that the (/priva) route itself is working. (I think)

And also the first route
https://zcrm365sand.possibilit.nl/swagger/v1/swagger.json

  • Testing with some http rest clients

When I go to curl -sv https://zcrm365sand.possibilit.nl/priva/ I get the http 301 status code.
Is making this reference to the previous redirection?

⟩ curl -sv https://zcrm365sand.possibilit.nl/priva/
*   Trying 40.115.62.157...
* TCP_NODELAY set
* Connected to zcrm365sand.possibilit.nl (40.115.62.157) port 443 (#0)
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* Some TLS handshakes
* ALPN, server accepted to use http/1.1
* Server certificate:
*  Some certificate data

> GET /priva/ HTTP/1.1
> Host: zcrm365sand.possibilit.nl
> User-Agent: curl/7.63.0
> Accept: */*
> 
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
< HTTP/1.1 301 Moved Permanently
< Content-Length: 0
< Connection: keep-alive
< Date: Fri, 19 Apr 2019 08:52:44 GMT
< Server: Kestrel
< Location: index.html
< X-Kong-Upstream-Latency: 1
< X-Kong-Proxy-Latency: 0
< Via: kong/1.0.0
< 
* Connection #0 to host zcrm365sand.possibilit.nl left intact

But if I perform curl -sv https://zcrm365sand.possibilit.nl/priva/swagger/v1/swagger.json I get the 200 http status code

⟩ curl -sv https://zcrm365sand.possibilit.nl/priva/swagger/v1/swagger.json
*   Trying 40.115.62.157...
* TCP_NODELAY set
* Connected to zcrm365sand.possibilit.nl (40.115.62.157) port 443 (#0)
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*  Some TLS handshakes 
* ALPN, server accepted to use http/1.1
* Server certificate:
*  Some certificates data
*  SSL certificate verify ok.
> GET /priva/swagger/v1/swagger.json HTTP/1.1
> Host: zcrm365sand.possibilit.nl
> User-Agent: curl/7.63.0
> Accept: */*
> 
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
< HTTP/1.1 200 OK
< Content-Type: application/json;charset=utf-8
< Transfer-Encoding: chunked
< Connection: keep-alive
< Date: Fri, 19 Apr 2019 08:51:15 GMT
< Server: Kestrel
< X-Kong-Upstream-Latency: 1
< X-Kong-Proxy-Latency: 1
< Via: kong/1.0.0
< 
* Connection #0 to host zcrm365sand.possibilit.nl left intact
{"swagger":"2.0","info":{"version":"v1","title":"ZAccountSync API"},"host":"zcrm365sand.possibilit.nl/","paths":{"/api/AccountSync":{"post":{"tags":["AccountSync"],"operationId":"Post","consumes":[],"produces":[],"parameters":[],"responses":{"200":{"description":"Success"}}}}},"definitions":{}}⏎ 

So, the logs of my service pod when I go to https://zcrm365sand.possibilit.nl/priva/ are always my root path domain

2019-04-19 08:54:42 INF "Request starting HTTP/1.1 GET http://10.244.3.10:5000/swagger/v1/swagger.json  "
2019-04-19 08:54:42 INF "Request finished in 0.8356ms 200 application/json;charset=utf-8"
2019-04-19 08:54:50 INF "Request starting HTTP/1.1 GET http://10.244.3.10:5000/swagger/v1/swagger.json  "
2019-04-19 08:54:50 INF "Request finished in 1.2997ms 200 application/json;charset=utf-8"
2019-04-19 08:54:52 INF "Request starting HTTP/1.1 GET http://10.244.3.10:5000/swagger/v1/swagger.json  "
2019-04-19 08:54:52 INF "Request finished in 0.6289ms 200 application/json;charset=utf-8"
2019-04-19 08:55:00 INF "Request starting HTTP/1.1 GET http://10.244.3.10:5000/swagger/v1/swagger.json  "
2019-04-19 08:55:00 INF "Request finished in 1.1153ms 200 application/json;charset=utf-8"
2019-04-19 08:55:02 INF "Request starting HTTP/1.1 GET http://10.244.3.10:5000/swagger/v1/swagger.json  "
2019-04-19 08:55:02 INF "Request finished in 1.1096ms 200 application/json;charset=utf-8"

such as follow here: