Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] K8S env variable not loaded #1637

Open
2 tasks done
schmittse opened this issue Oct 28, 2024 · 1 comment
Open
2 tasks done

[BUG] K8S env variable not loaded #1637

schmittse opened this issue Oct 28, 2024 · 1 comment
Labels
bug Something isn't working

Comments

@schmittse
Copy link

What happened?

I've deployed a bunkerweb Ingress Controller using the documentation.
It leaded to a working DeamonSet : (only usefull part of yaml copied here)

apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: bunkerweb
  namespace: bunkerweb
spec:
  [...]
    spec:
      containers:
      - env:
        - name: KUBERNETES_MODE
          value: "yes"
        - name: MULTISITE
          value: "yes"
        - name: USE_REDIS
          value: "yes"
        - name: REDIS_HOST
          value: svc-bunkerweb-redis
        image: bunkerity/bunkerweb:1.5.10
        name: bunkerweb

But is the outpu log, we can see those lines :

2024/10/28 08:33:23 [error] 2318276#2318276: *740820 [BADBEHAVIOR] (increase) redis_increase failed, falling back to local : error while getting redis client : failed to parse host name "": no host, context: ngx.timer, client: 1.2.3.4, server: 0.0.0.0:8080

And if we log inside the pod and look at the variables file, we can see that the REDIS host is empty :

$ cat /etc/nginx/variables.env | grep "REDIS"
USE_REDIS=yes
REDIS_HOST=
REDIS_PORT=6379
REDIS_DATABASE=0
REDIS_SSL=no
REDIS_SSL_VERIFY=no
REDIS_TIMEOUT=1000
REDIS_USERNAME=
REDIS_PASSWORD=
REDIS_SENTINEL_HOSTS=
REDIS_SENTINEL_USERNAME=
REDIS_SENTINEL_PASSWORD=
REDIS_SENTINEL_MASTER=
REDIS_KEEPALIVE_IDLE=30000
REDIS_KEEPALIVE_POOL=10

I made this bug report using REDIS_HOST as exemple but this is true for a lot of env variables.

How to reproduce?

Install a fresh bunkerweb in a Kubernetes environnement.

Configuration file(s) (yaml or .env)

# Redis deployement :
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: bunkerweb-redis
  namespace: bunkerweb
spec:
  replicas: 1
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app: bunkerweb-redis
  template:
    metadata:
      labels:
        app: bunkerweb-redis
    spec:
      containers:
        - name: bunkerweb-redis
          image: redis:7-alpine
          imagePullPolicy: Always
---
apiVersion: v1
kind: Service
metadata:
  name: svc-bunkerweb-redis
  namespace: bunkerweb
spec:
  type: ClusterIP
  selector:
    app: bunkerweb-redis
  ports:
    - name: redis
      protocol: TCP
      port: 6379
      targetPort: 6379
# Bunkerweb DaemonSet
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: bunkerweb
  namespace: bunkerweb
spec:
  selector:
    matchLabels:
      app: bunkerweb
  template:
    metadata:
      labels:
        app: bunkerweb
      # mandatory annotation
      annotations:
        bunkerweb.io/INSTANCE: "yes"
    spec:
      serviceAccountName: sa-bunkerweb
      containers:
        # using bunkerweb as name is mandatory
        - name: bunkerweb
          image: bunkerity/bunkerweb:1.5.10
          imagePullPolicy: Always
          securityContext:
            runAsUser: 101
            runAsGroup: 101
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - ALL
          ports:
            - containerPort: 8080
              name: htpp
            - containerPort: 8443
              name: https
          env:
            - name: KUBERNETES_MODE
              value: "yes"
            - name: DNS_RESOLVERS
              value: "coredns.kube-system.svc"
            - name: USE_API
              value: "yes"
            - name: API_WHITELIST_IP
              value: "127.0.0.0/8 10.0.0.0/8"
            - name: SERVER_NAME
              value: ""
            - name: MULTISITE
              value: "yes"
            - name: USE_REDIS
              value: "yes"
            - name: REDIS_HOST
              value: "svc-bunkerweb-redis"
            - name: USE_PROXY_PROTOCOL
              value: "yes"
            - name: USE_REAL_IP
              value: "yes"
            - name: REAL_IP_FROM
              value: "1.2.3.4/32"
          livenessProbe:
            exec:
              command:
                - /usr/share/bunkerweb/helpers/healthcheck.sh
            initialDelaySeconds: 30
            periodSeconds: 5
            timeoutSeconds: 1
            failureThreshold: 3
          readinessProbe:
            exec:
              command:
                - /usr/share/bunkerweb/helpers/healthcheck.sh
            initialDelaySeconds: 30
            periodSeconds: 1
            timeoutSeconds: 1
            failureThreshold: 3
---
apiVersion: v1
kind: Service
metadata:
  name: svc-bunkerweb
  namespace: bunkerweb
spec:
  clusterIP: None
  selector:
    app: bunkerweb

Relevant log output

hello-world.example.com 1.2.3.4 - - [28/Oct/2024:08:41:50 +0000] "GET /.well-known/acme-challenge/pK8hcNAZCqPFnq9qFNMx3vGDxhhbBUkS5CjZ84lcV_A HTTP/1.1" 404 89923 "-" "cert-manager-challenges/v1.13.6 (linux/amd64) cert-manager/d9235ef134b120ef5e7c7fc58d342e66599069b5"
2024/10/28 08:41:50 [error] 2318276#2318276: *742389 [BADBEHAVIOR] (increase) redis_increase failed, falling back to local : error while getting redis client : failed to parse host name "": no host, context: ngx.timer, client: 1.2.3.4, server: 0.0.0.0:8080
2024/10/28 08:41:50 [notice] 2318276#2318276: *742389 [BADBEHAVIOR] increased counter for IP 1.2.3.4 (2/10), context: ngx.timer, client: 1.2.3.4, server: 0.0.0.0:8080

BunkerWeb version

1.5.10

What integration are you using?

Kubernetes

Linux distribution (if applicable)

Ubuntu Server 20.04

Removed private data

  • I have removed all private data from the configuration file and the logs

Code of Conduct

  • I agree to follow this project's Code of Conduct
@schmittse schmittse added the bug Something isn't working label Oct 28, 2024
@TheophileDiot
Copy link
Member

Hi @schmittse, did you try again with the 1.5.11 version?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@TheophileDiot @schmittse