application-gateway-kubernetes-ingress icon indicating copy to clipboard operation
application-gateway-kubernetes-ingress copied to clipboard

Published 20 hours ago verified publisher icon Azure

Enable priority configuration for listeners

Open arodriguezdlc opened this issue 4 years ago • 8 comments

Is your feature request related to a problem? Please describe. When creating multiple listeners using wildcards with AGIC, as example:

  • *.contoso.com
  • b2b.contoso.com I would like that the second one have more priority than the wildcard domain, to establish a esspecific configuration for this ingress. Currently, the evaluation order depends of which ingress has been configured before, so is practically random. I would like to be able to specify a priority (see https://docs.microsoft.com/en-us/azure/application-gateway/multiple-site-overview#request-routing-rules-evaluation-order) to ensure that the more specific ingress works properly.

Describe the solution you'd like I think that we could use an annotation like appgw.ingress.kubernetes.io/listener-priority: "1", to be able to set the priority to the listener created by AGIC.

arodriguezdlc avatar Sep 15 '21 14:09 arodriguezdlc

Something like this is needed urgently. Path based routing is random. Example path based routing app/* app/testing will match which ever is defined first in AGW which you have no control over atm.

thisispaulsmith avatar Sep 24 '21 15:09 thisispaulsmith

This feature is very much required, We are facing issues when we use wild cards in ingress. AGIC randomly assigns priority causing all issues. Any ETA on this issue please ?

nvenkatapavan avatar Jun 29 '22 06:06 nvenkatapavan

This functionality is absolutely required and blocking it our deployments on Azure platform with AGIC. Any ETA ?

sudarshntn avatar Jun 29 '22 12:06 sudarshntn

Any Updates on this?

I am using AGIC in AKS and I am facing the same issue:

*.contoso.com --> rule1 shop.contoso.com --> rule2

By default, 1st rule is being processed first, then no traffic is being received by the more specific listener/hostname (2nd rule). I can't update priorities using Portal because it will be overriden by the AGIC pod deployed in AKS.

LeartBeqiraj avatar Nov 23 '22 09:11 LeartBeqiraj

TEMPORARY WORKAROUND: I am using this bash script to update rule's priority every 5 seconds. I am increasing the value number of priority that is attached with the rule (*.contoso.com) so this will be always processed last:

#!/bin/bash

while true
do

az network application-gateway rule show -g {resource_group} --gateway-name {gateway_name} -n {rule_name} > priority.json
cat priority.json | grep 19090 >> /dev/null
status=$?

  if [ $status -ne 0 ]
  then
    az network application-gateway rule update -g {resource_group} --gateway-name {gateway_name} -n {rule_name} --priority {19090}
    echo "priority now configured to 19090"
  elif [ $status -eq 0 ]
  then
    echo "priority is already 19090"
  fi
sleep 5
done

LeartBeqiraj avatar Nov 23 '22 09:11 LeartBeqiraj

Is there any updates on this?

juanpgarces avatar Jan 22 '24 17:01 juanpgarces

@juanpgarces @LeartBeqiraj et al (and anyone who comes here via a search), seems this was implemented over two years ago now, but this issue (and the documentation) was not updated.

An annotation like appgw.ingress.kubernetes.io/rule-priority: "200" appears to be the trick, you may have to make multiple ingress objects, of course, as there is no annotation support per path, but that doesn't seem to be a big issue, but if you have an ingress with multiple paths, you will need to break it up into multiple ingresses otherwise the controller will complain about non-unique priorities (because those paths are broken down into individual rules).

24601 avatar Feb 04 '24 02:02 24601