You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Linkerd appears to handle responses to readiness probes with status code 302 as an error and as a consequence reports a 403 to EKS.
The setup deployed multiple pods one of which is an nginx as reverse proxy. The readiness probe for the nginx sends a request, for which nginx forwards the request to the web application hosted behind it. This service responds with a 302 as the path in the readiness probe is not the final destination path (e.g. redirecting from / to /login/). This response is for some reason treated as an error and the redirect is not being followed, unlike in regular EKS without linkerd. Lastly the returned HTTP code for readiness probe of the nginx reported back toe EKS is 403 (unauthorized).
This appears to be similar to #11590, it is also a Django application but we do not use Server.
Is this a difference in behavior that is not documented or did we miss this somewhere? Does linkerd prevent following redirects for some reason?
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
Linkerd appears to handle responses to readiness probes with status code 302 as an error and as a consequence reports a 403 to EKS.
The setup deployed multiple pods one of which is an nginx as reverse proxy. The readiness probe for the nginx sends a request, for which nginx forwards the request to the web application hosted behind it. This service responds with a 302 as the
pathin the readiness probe is not the final destination path (e.g. redirecting from/to/login/). This response is for some reason treated as an error and the redirect is not being followed, unlike in regular EKS without linkerd. Lastly the returned HTTP code for readiness probe of the nginx reported back toe EKS is 403 (unauthorized).This appears to be similar to #11590, it is also a Django application but we do not use
Server.Is this a difference in behavior that is not documented or did we miss this somewhere? Does linkerd prevent following redirects for some reason?
Beta Was this translation helpful? Give feedback.
All reactions