nginx-ingress Upgrade

Check Items

Check item 1: Check whether there is an Nginx Ingress route whose ingress type is not specified (kubernetes.io/ingress.class: nginx is not added to annotations) in the cluster.
Check item 2: Check whether the DefaultBackend Service specified by the Nginx Ingress Controller backend is available.

Fault Locating

For Check Item 1

For Nginx Ingress, check the YAML. If the ingress type is not specified in the YAML file and the ingress is managed by the Nginx Ingress Controller, the ingress is at risk.

Check the Ingress type.
Run the following command:
```
kubectl get ingress <ingress-name> -oyaml | grep -E ' kubernetes.io/ingress.class: | ingressClassName:'
```
- Fault scenario: If the command output is empty, the Ingress type is not specified.
- Normal scenario: The command output is not empty, indicating that the Ingress type has been specified by annotations or ingressClassName.
Ensure that the Ingress is managed by the Nginx Ingress Controller. The LoadBalancer Ingresses are not affected by this issue.
- For clusters of v1.19, confirm this issue using managedFields.
```
kubectl get ingress <ingress-name> -oyaml | grep 'manager: nginx-ingress-controller'
```
- For clusters of other versions, check the logs of the Nginx Ingress Controller pod.
```
 kubectl logs -nkube-system cceaddon-nginx-ingress-controller-545db6b4f7-bv74t | grep 'updating Ingress status'
```
If the fault persists, contact technical support personnel.

For Check Item 2

View the DefaultBackend Service in the namespace where the Nginx Ingress Controller is deployed.
```
kubectl get pod cceaddon-nginx-ingress-<controller-name>-controller-*** -n <namespace> -oyaml | grep 'default-backend'
```
In the preceding command, cceaddon-nginx-ingress-<controller-name>-controller-*** is the controller pod name, <controller-name> is the controller name specified during add-on installation, and <namespace> is the namespace where the controller is deployed.

Command output:
```
- '--default-backend-service=<namespace>/<backend-svc-name>'
```
In the preceding command, <backend-svc-name> is the name of the DefaultBackend Service for the Nginx Ingress Controller.
Check whether the DefaultBackend Service of the Nginx Ingress Controller is available.
```
kubectl get svc <backend-svc-name> -n <namespace>
```
If the Service is unavailable, this check item failed.

Solution

Add an annotation to the Nginx ingresses as follows:

kubectl annotate ingress <ingress-name> kubernetes.io/ingress.class=nginx

There is no need to add this annotation to LoadBalancer ingresses. Verify that these ingresses are managed by Nginx Ingress Controller.

Parent topic: Troubleshooting for Pre-upgrade Check Exceptions

Previous topic: Node Swap

Next topic: Upgrade of Cloud Native Cluster Monitoring

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot