
Issue with multiple nginx-ingress controllers

Open dhrp opened this issue 3 years ago • 2 comments

Summary: When there are multiple ingress controllers; for example, one with proxy-protocol enabled, and one without proxy protocol enabled, the hairpin proxy will make rewrite rules for all. But this gives 404 issues for the non-proxied ingresses.

Steps to reproduce:

  • Make an ingress controller with proxy protocol. Name it "nginx-ingress-w-proxy-protocol"
  • Make an ingress controller without proxy protocol. Name it "nginx-ingress"
  • Install the hairpin proxy
  • Create some ingress on both
  • Try to reach a site from IN the cluster, that is served by the nginx ingress.
  • Find that the site gives a 404 not found.
  • Check the rules written: `kubectl get configmap -n kube-system coredns -o=jsonpath='{.data.Corefile}'`
  • Notice that ALSO the site that should not be proxy'd is proxied, and thus sent to the nginx-ingress-w-proxy-protocol ingress controller. -- But it does not know the site, and thus it fails. Ultimately cert-manager fails to renew the certificates.

Suggested fix: Include the ingress class in the polling of ingress resources.

**Now that I'm writing this, I realize this may be because I'm still on K8S 1.18, and it doesn't support the new ingress definitions (supporting ingress classes). Will need to test.

dhrp avatar Dec 22 '21 09:12 dhrp
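
The check from the last reproduction step, as an added example that is not part of the issue or of the hairpin-proxy code base: it compares the hosts rewritten in the Corefile with the class of the Ingress that declares each host and lists the ones that do not belong to the PROXY protocol controller. The class names come from the issue; the JSON, the Corefile, the rewrite target name and all function names are constructed for illustration.

```ruby
require 'json'
# Controller class that expects PROXY protocol (name from the issue).
PROXY_CLASS = 'nginx-ingress-w-proxy-protocol'

# Constructed sample shaped like `kubectl get ingress -A -o json`.
INGRESSES_JSON = <<~EOS
  {"items": [
    {"metadata": {"name": "shop", "annotations":
      {"kubernetes.io/ingress.class": "nginx-ingress-w-proxy-protocol"}},
     "spec": {"rules": [{"host": "shop.example.com"}]}},
    {"metadata": {"name": "wiki"}, "spec": {"ingressClassName": "nginx-ingress",
     "rules": [{"host": "wiki.example.com"}]}}
  ]}
EOS

# Constructed Corefile; the rewrite target name is an assumption.
COREFILE = <<~EOS
  .:53 {
      rewrite name shop.example.com hairpin-proxy.hairpin-proxy.svc.cluster.local
      rewrite name wiki.example.com hairpin-proxy.hairpin-proxy.svc.cluster.local
  }
EOS

# Class from spec.ingressClassName, else the legacy annotation.
def ingress_class(ing)
  ing.dig('spec', 'ingressClassName') ||
    ing.dig('metadata', 'annotations', 'kubernetes.io/ingress.class')
end

# Map each rule host to the class of the Ingress that declares it.
def hosts_by_class(ingresses)
  ingresses.each_with_object({}) do |ing, map|
    hosts = (ing.dig('spec', 'rules') || []).map { |r| r['host'] }.compact
    hosts.each { |h| map[h] = ingress_class(ing) }
  end
end

# Hosts named in CoreDNS `rewrite name [exact] FROM TO` lines.
def rewritten_hosts(corefile)
  corefile.scan(/^\s*rewrite\s+name\s+(?:exact\s+)?(\S+)\s+\S+/).flatten
end

# Rewritten hosts not served by the PROXY protocol controller
# (hosts with no known Ingress are reported as well).
def misrouted_hosts(corefile, ingresses, proxy_class)
  classes = hosts_by_class(ingresses)
  rewritten_hosts(corefile).reject { |h| classes[h] == proxy_class }
end
puts misrouted_hosts(COREFILE, JSON.parse(INGRESSES_JSON)['items'], PROXY_CLASS)
```

Against a live cluster, the two inputs would come from `kubectl get ingress -A -o json` and the `kubectl get configmap` command quoted in the issue.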

I know it's been a long time, did you find a solution? I'm stuck at this point.

bernatvadell avatar May 20 '23 23:05 bernatvadell

I think I ended up with a workaround: Switching which Ingress I was using for that particular service, to get to a compatible configuration.

dhrp avatar May 22 '23 05:05 dhrp