How can I use fastCGI?

[wesleycremonini]

Im several hours into a problem with receiving 502 from a php-fpm container in kubernetes, using caddy as ingress. And realized I never configured caddy, I need fastcgi to support php-fpm. How can I do that?

ingress.yaml

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: ingress
  annotations:
    kubernetes.io/ingress.class: caddy
spec:
  rules:
  - host: another-service-domain
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: go-service-service
            port:
              number: 80
  - host: php-fpm-domain
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: main-api-service
            port:
              number: 9000

Deployment and service:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: main-api-deployment
  labels:
    app: main-api
spec:
  replicas: 1
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 0
      maxSurge: 2
  selector:
    matchLabels:
      app: main-api
  template:
    metadata:
      labels:
        app: main-api
    spec:
      containers:
        - name: main-api
          image: php-fpm-image
          ports:
            - containerPort: 9000
          envFrom:
            - configMapRef:
                name: main-api
---
apiVersion: v1
kind: Service
metadata:
  name: main-api-service
spec:
  selector:
    app: main-api
  ports:
    - name: fpm
      port: 9000
      targetPort: 9000

How exactly can I use fastCGI with the main-api service? Should I provide my own caddyfile? How can I do that?

[wesleycremonini]

anyone?

[mholt]

Hi Wesley -- thanks for the question. Just a note that you asked at the beginning of a weekend, and it's just barely Monday morning, so please allow some time for the volunteer maintainers to see the question and provide an answer. I'm sure they'll see it, it's just that there's only a couple of them and they're both very busy.

(I wish I knew anything about Kubernetes to help you, but I'll have to leave this to somebody with experience!)

[Embraser01]

Hi,

There is no support yet for fastcgi. It shouldn't be hard to add support as an annotation like caddy.ingress.kubernetes.io/backend-protocol": "fastcgi".

I'll tag this issue as a feature request for anyone to open a PR (I may do it if I find the time)

[wesleycremonini]

Is there a way to make it only for a selected domain? Also would be nice to add root and file_server directives support, since they are used very often with fastcgi.

Is there any documentation on current caddy annotations?

[Embraser01]

Is there a way to make it only for a selected domain?

The annotation would be on a specific ingress, to have only a specific domain, you have to create a specific Ingress with only the domain and the annotation.

Also would be nice to add root and file_server directives support, since they are used very often with fastcgi.

I'm not sure I understand exactly what you want. I'm not familiar with fastcgi/PHP, as far as I understand, adding the annotation on an ingress would change the reverse_proxy handler to set the fastcgi transport mode. We could also support any config specified on the page I linked. I see root (not sure it's the same as what you were referring to) but not file_server that seems unrelated and doesn't make sense for an ingress controller

[wesleycremonini]

adding the annotation on an ingress would change the reverse_proxy handler to set the fastcgi transport mode

Yes

I see root (not sure it's the same as what you were referring to)

Yes, thats the one

but not file_server that seems unrelated and doesn't make sense for an ingress controller

file_server directive from the docs: Most often, the file_server directive is paired with the root directive to set the file root for the whole site

Example:

root * /home/user/public_html
file_server

[tommy31]

I would love to see FastCGI support on caddy ingress !

[wesleycremonini]

Im trying to set up the dev environment so I can try to add fcgi support, but im running into this error and couldnt find a solution:

  ->  skaffold dev               
  
Generating tags...
 - caddy/ingress -> caddy/ingress:caddy-ingress-controller-1.0.4-4-g4c70011-dirty
Checking cache...
 - caddy/ingress: Error checking cache.
Cleaning up...
 - No resources found
Error: uninstall: Release not loaded: caddy-ingress-development: release: not found
Cleaning up resources encountered an error, will continue to clean up other resources.
getting hash for artifact "caddy/ingress": getting dependencies for "caddy/ingress": file pattern [ingress-controller] must match at least one file

Anyone else ran into this?

[mavimo]

@wesleycremonini hey, sorry for the long reply time, are you still interested on develop this feature? 😃 I can try to support if you want.

Going back to your original questions:

Is there a way to make it only for a selected domain?

As @Embraser01 say when you define an ingress you define a couple of information that specify when the ingress is "activated", by domain and by path. Let suppose you have a PHP application that is composed bystatic files (eg CSS, JS, images) and runtime generated code, what you can do is:

• Create a deployment that contains files to be served where the entrypoint is a webserver (e.g.: caddy 🙈 ), let call it assets
• Create a deployment that contains php files to be processed and where the entrypoint is fastcgi, let call it application
• Create a service for the assets deployment
• Create a service for the application deployment
• Create an ingress for the asset service on domain assets.mydomain.com (or www.mydomain.com with path assets)
• Create an ingress for the application service on domain www.mydomain.com

NB: at the moment the caddy ingress controller do not support the fastcgi protocol, but i'm very interested on supporting you on that.

About skaffold there are a few changes made in #145 can you check if it works for you? If not feel free to ping me 😄