Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[BUG] Application Gateway for Containers httproute wildcard hostname not working #4713

Open
jack1902 opened this issue Dec 17, 2024 · 1 comment
Assignees
Labels
AGC Application Gateway for Containers bug

Comments

@jack1902
Copy link

jack1902 commented Dec 17, 2024

Describe the bug
When using Application Gateway for Containers with a httproute referencing a gateway, a hostname value such as *.contoso.com doesn't work. This renders functionality within my app entirely useless, as i would be required to add entries to hostnames for each expected prefix.

According to the documentation around the Gateway API wildcards are possible

To Reproduce
Steps to reproduce the behavior:

  1. Provision an Application Gateway for containers resource and wire in a gateway with a listener
  2. Deploy a httproute pointing to your application which defines hostnames
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
  name: http-route
spec:
  hostnames:
  # This wildcard will not function
  - '*.contoso.com'
  # Below examples would work, but i wanted to use the wildcard as per the gateway API specifications
  # - "customerA.contoso.com"
  # - "customerB.contoso.com"
  parentRefs:
  - group: gateway.networking.k8s.io
    kind: Gateway
    name: gateway
    namespace: kube-system
  rules:
  - backendRefs:
    - group: ""
      kind: Service
      name: <yourservice>
      port: 
  1. Attempt to call the system
fqdn=$(kubectl get gateway gateway -n kube-system -o jsonpath='{.status.addresses[0].value}')
# This assumes you actually have a service running
curl --header 'Host: customerA.contoso.com' --insecure https://$fqdn

Expected behavior
I expected *.contoso.com to function but it doesn't. Using specific entries does work, but that will not scale, and goes against the Gateway API specifications

Environment (please complete the following information):

  • CLI Version: 1.32
  • Kubernetes version: v1.30.6

Additional context
I'm aiming to use the application gateway for containers to fully replace ingress, as it makes moving between clouds and on-premise sigificantly easier. This is purely for static assets which i will be looking to port to something else, but currently running inside a container. Whilst i can get around this issue, would be good to flag for others.

In addition to this, i will check the feature request for the Application Gateway for Containers Application Firewall feature (i have seen it was mentioned a while back on various forums but it feels like AppGW for Containers is not used heavily?)

Copy link
Contributor

@JackStromberg would you be able to assist?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
AGC Application Gateway for Containers bug
Projects
None yet
Development

No branches or pull requests

3 participants