`global.ingress.class` value is not used in IngressClass's `metadata.name`
Summary
Upgrading from 5.5.2 to 5.6.0 caused the built-in nginx ingress class to no longer handle ingresses to any of the GitLab services. I needed to remove the ingressClassName from the specs of the ingresses and put back the old kubernetes.io/ingress.class: nginx
Configuration used
(Please provide a sanitized version of the configuration used wrapped in a code block (```yaml))
global:
edition: ce
hosts:
domain: apps.mydomain.com
ingress:
proxyBodySize: 8192m
class: nginx # set this class rather than the default gitlab-nginx, see https://gitlab.com/charts/gitlab/issues/1348
tls:
enabled: true
appConfig:
dependencyProxy:
enabled: true
incomingEmail:
enabled: true
address: "gitlab@mydomain.com"
host: "mail.mydomain.com"
port: 993
ssl: true
startTls: false
user: "gitlab@mydomain.com"
password:
secret: "email-password"
mailbox: inbox
idleTimeout: 60
smtp:
enabled: true
address: mail.mydomain.com
port: 25
user_name: "gitlab@mydomain.com"
## doc/installation/secrets.md#smtp-password
password:
secret: "email-password"
key: password
# domain:
authentication: "login"
starttls_auto: true
openssl_verify_mode: "peer"
email:
from: 'gitlab@mydomain.com'
display_name: My GitLab
reply_to: 'gitlab@mydomain.com'
grafana:
enabled: true
extraEnv:
PLANTUML_ENCODING: deflate
certmanager-issuer:
email: me@mydomain.com
certmanager:
# set default issuer and kind to a cluster issuer so it can manage certificates for ingresses in all namespaces
ingressShim:
defaultIssuerName: gitlab-cluster-issuer
defaultIssuerKind: ClusterIssuer
defaultIssuerGroup: cert-manager.io
nginx-ingress:
rbac:
scope: false
controller:
config:
use-http2: "true"
scope:
enabled: false
# we want to use this nginx-ingress deployment across the whole cluster; don't limit scope to the default namespace. see https://gitlab.com/charts/gitlab/issues/1348
service:
externalTrafficPolicy: "Cluster"
annotations:
metallb.universe.tf/allow-shared-ip: "SharingIsCaring"
# MetalLB needs this annotation and for the externalTrafficPolicy to be set to "Cluster" in order to share a single IP to different services (so long as they use different ports)
registry:
ingress:
tls:
enabled: true
gitlab-runner:
install: false
# https://gitlab.com/gitlab-org/charts/gitlab/issues/1647
gitlab:
# task-runner needs storage in order to keep from being evicted
# temporarily disabling task runner tmp for now, though, as the main drive is bigger now
#task-runner:
# persistence:
# enabled: true
# size: 100Gi
# storageClass: temp-storage
# gitaly stores git repos (including wikis)
# gitaly's size can't be changed after deployed because it's a StatefulSet. other volumes can be expanded
gitaly:
persistence:
size: 500Gi
sidekiq:
maxReplicas: 3
# sidekiq needs too much CPU for the default of 10 replicas, and it doesn't make much sense to have more than one per node anyway
# minio stores registry, lfs, uploads (attached images/files in comments, etc), backups
minio:
persistence:
size: 500Gi
prometheus:
kubeStateMetrics:
enabled: true
Current behavior
The specified address for the ingress serves default backend (404). nginx ingress controller logs indicate no object matching "nginx" in local store for the affected ingresses.
Expected behavior
Ingress controller services the ingress (e.g. spec.ingressClassName is found by the included nginx ingress controller, or the original method of setting ingress.class is retained so that the included nginx ingress controller picks it up)
Versions
- Chart: 5.6.0
- Platform:
- Self-hosted: kubespray 2.16.0
- Kubernetes: (
kubectl version
)- Client Version: version.Info{Major:"1", Minor:"20", GitVersion:"v1.20.7", GitCommit:"132a687512d7fb058d0f5890f07d4121b3f0a2e2", GitTreeState:"clean", BuildDate:"2021-05-12T12:40:09Z", GoVersion:"go1.15.12", Compiler:"gc", Platform:"linux/amd64"}
- Server Version: version.Info{Major:"1", Minor:"20", GitVersion:"v1.20.7", GitCommit:"132a687512d7fb058d0f5890f07d4121b3f0a2e2", GitTreeState:"clean", BuildDate:"2021-05-12T12:32:49Z", GoVersion:"go1.15.12", Compiler:"gc", Platform:"linux/amd64"}
- Helm: version.BuildInfo{Version:"v3.5.4", GitCommit:"1b5edb69df3d3a08df77c9902dc17af864ff05d1", GitTreeState:"clean", GoVersion:"go1.15.11"}
Relevant logs
I1228 23:36:56.481846 6 store.go:367] "Ignoring ingress because of error while validating ingress class" ingress="default/gitlab-webservice-default" error="no object matching key \"nginx\" in local store"
Repeated for minio, grafana, registry...
Started working again once I re-added kubernetes.io/ingress.class: nginx back and also removed ingressClassName from spec. I seem to recall I had to do both, for some reason, as just adding the original annotation back didn't appear to change anything at the time (unless it was just slow on spotting the change to the ingress).