kubernetes-ingress
kubernetes-ingress copied to clipboard
nginxinc
VirtualServers stays INVALID after NIC POD (re)start
Describe the bug
VirtualServers stays INVALID after NIC POD (re)start
Loading the configuration to a running NIC works. After restart of the POD the VirtualServers stays INVALID forever. NGINX however has a valid configuration and handles traffic. When the reload timeout is increased from default 60s the VirtualServers become VALID.
To Reproduce See above
Expected behavior VirtualServers should be VALID despite how many of them
Your environment
Reproduced in the following env:
- NGINX Ingress Controller 3.5.0, Plus with AppProtect
- Version of Kubernetes: 1.27
- Kubernetes platform: kind
- N number of VirtualServers each with a unique ApPolicy (N=20 can trigger the problem)
Additional context This line in ./kubernetes-ingress/internal/nginx/verify.go logs: return fmt.Errorf("could not get expected version: %v after %v", expectedVersion, c.timeout)
Hi @hafe thanks for reporting!
Be sure to check out the docs and the Contributing Guidelines while you wait for a human to take a look at this :slightly_smiling_face:
Cheers!
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
Compiling the policies is what seems to take time. Notable is it works when the resources are added to a running NIC but not as soon as it start/restarts.
