$ kubectl describe -n ag-poc pod/app-gw-ingress-ingress-azure-5d8c7857f5-2pwlv
Name: app-gw-ingress-ingress-azure-5d8c7857f5-2pwlv
Namespace: ag-poc
Priority: 0
PriorityClassName: <none>
Node: aks-timjeurope-23425106-0/10.160.176.4
Start Time: Tue, 19 Feb 2019 15:39:18 +0000
Labels: aadpodidbinding=app-gw-ingress-ingress-azure
app=ingress-azure
pod-template-hash=5d8c7857f5
release=app-gw-ingress
Annotations: <none>
Status: Running
IP: 10.160.176.5
Controlled By: ReplicaSet/app-gw-ingress-ingress-azure-5d8c7857f5
Containers:
ingress-azure:
Container ID: docker://88290df99358b9881a9f9e61053f4c0c228a774e08b2f0ff75e0f6612e4d55c7
Image: mcr.microsoft.com/azure-application-gateway/kubernetes-ingress:0.1.4
Image ID: docker-pullable://mcr.microsoft.com/azure-application-gateway/kubernetes-ingress@sha256:b996e8d9812d4d92cf55d2b02fe8f404352b08e137757c4b8d8dabd11fb1901b
Port: <none>
Host Port: <none>
State: Running
Started: Tue, 19 Feb 2019 15:39:20 +0000
Ready: True
Restart Count: 0
Environment Variables from:
app-gw-ingress-cm-ingress-azure ConfigMap Optional: false
Environment:
KUBERNETES_PORT_443_TCP_ADDR: timj-europe-21d08374.hcp.northeurope.azmk8s.io
KUBERNETES_PORT: tcp://timj-europe-21d08374.hcp.northeurope.azmk8s.io:443
KUBERNETES_PORT_443_TCP: tcp://timj-europe-21d08374.hcp.northeurope.azmk8s.io:443
KUBERNETES_SERVICE_HOST: timj-europe-21d08374.hcp.northeurope.azmk8s.io
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from app-gw-ingress-sa-ingress-azure-token-dt8lh (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
app-gw-ingress-sa-ingress-azure-token-dt8lh:
Type: Secret (a volume populated by a Secret)
SecretName: app-gw-ingress-sa-ingress-azure-token-dt8lh
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events: <none>
$ kubectl logs -n ag-poc pod/app-gw-ingress-ingress-azure-5d8c7857f5-2pwlv
I0219 15:39:20.169703 1 main.go:60] Creating authorizer from MSI
I0219 15:39:20.860867 1 context.go:296] k8s context run started
I0219 15:39:20.860890 1 context.go:383] start waiting for initial cache sync
I0219 15:39:20.861084 1 reflector.go:202] Starting reflector *v1.Endpoints (30s) from github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:379
I0219 15:39:20.861103 1 reflector.go:240] Listing and watching *v1.Endpoints from github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:379
I0219 15:39:20.861103 1 reflector.go:202] Starting reflector *v1.Secret (30s) from github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:381
I0219 15:39:20.861117 1 reflector.go:240] Listing and watching *v1.Secret from github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:381
I0219 15:39:20.861185 1 reflector.go:202] Starting reflector *v1.Service (30s) from github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:380
I0219 15:39:20.861198 1 reflector.go:240] Listing and watching *v1.Service from github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:380
I0219 15:39:20.961202 1 reflector.go:202] Starting reflector *v1beta1.Ingress (30s) from github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:390
I0219 15:39:20.961225 1 reflector.go:240] Listing and watching *v1beta1.Ingress from github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:390
I0219 15:39:20.973883 1 secretstore.go:119] converted secret [ag-poc/guestbook-cert]
I0219 15:39:21.061176 1 context.go:398] ingress initial sync done
I0219 15:39:21.061200 1 context.go:298] k8s context run finished
I0219 15:39:21.061219 1 eventqueue.go:60] Enqueuing skip(false) item
I0219 15:39:21.061237 1 eventqueue.go:119] Processing event begin, time since event generation: 17.6µs
I0219 15:39:21.061258 1 controller.go:50] controller.processEvent called with type k8scontext.Event
I0219 15:39:21.061338 1 eventqueue.go:60] Enqueuing skip(false) item
I0219 15:39:21.061362 1 eventqueue.go:60] Enqueuing skip(false) item
I0219 15:39:21.061370 1 eventqueue.go:60] Enqueuing skip(false) item
I0219 15:39:21.061375 1 eventqueue.go:60] Enqueuing skip(false) item
I0219 15:39:21.061381 1 eventqueue.go:60] Enqueuing skip(false) item
I0219 15:39:21.061386 1 eventqueue.go:60] Enqueuing skip(false) item
I0219 15:39:21.110650 1 controller.go:98] ~~~~~~~~ ↓ ApplicationGateway deployment ↓ ~~~~~~~~
I0219 15:41:12.250325 1 controller.go:112] deployment took 1m51.13964609s
I0219 15:41:12.250354 1 controller.go:119] ~~~~~~~~ ↑ ApplicationGateway deployment ↑ ~~~~~~~~
I0219 15:41:12.250361 1 eventqueue.go:128] Processing event done, updating lastEventTimestamp
I0219 15:41:12.250373 1 eventqueue.go:119] Processing event begin, time since event generation: 1m51.189038353s
I0219 15:41:12.250378 1 controller.go:50] controller.processEvent called with type k8scontext.Event
I0219 15:41:12.290770 1 controller.go:98] ~~~~~~~~ ↓ ApplicationGateway deployment ↓ ~~~~~~~~
I0219 15:41:12.562373 1 controller.go:112] deployment took 271.571988ms
I0219 15:41:12.562403 1 controller.go:119] ~~~~~~~~ ↑ ApplicationGateway deployment ↑ ~~~~~~~~
I0219 15:41:12.562410 1 eventqueue.go:128] Processing event done, updating lastEventTimestamp
I0219 15:41:12.562421 1 eventqueue.go:119] Processing event begin, time since event generation: 1m51.501058774s
I0219 15:41:12.562426 1 controller.go:50] controller.processEvent called with type k8scontext.Event
I0219 15:41:12.602905 1 controller.go:98] ~~~~~~~~ ↓ ApplicationGateway deployment ↓ ~~~~~~~~
I0219 15:41:12.874378 1 controller.go:112] deployment took 271.444888ms
I0219 15:41:12.874406 1 controller.go:119] ~~~~~~~~ ↑ ApplicationGateway deployment ↑ ~~~~~~~~
I0219 15:41:12.874412 1 eventqueue.go:128] Processing event done, updating lastEventTimestamp
I0219 15:41:12.874425 1 eventqueue.go:119] Processing event begin, time since event generation: 1m51.813053794s
I0219 15:41:12.874430 1 controller.go:50] controller.processEvent called with type k8scontext.Event
I0219 15:41:12.929067 1 controller.go:98] ~~~~~~~~ ↓ ApplicationGateway deployment ↓ ~~~~~~~~
I0219 15:41:13.188960 1 controller.go:112] deployment took 259.86525ms
I0219 15:41:13.188988 1 controller.go:119] ~~~~~~~~ ↑ ApplicationGateway deployment ↑ ~~~~~~~~
I0219 15:41:13.188994 1 eventqueue.go:128] Processing event done, updating lastEventTimestamp
I0219 15:41:13.189006 1 eventqueue.go:119] Processing event begin, time since event generation: 1m52.127630023s
I0219 15:41:13.189010 1 controller.go:50] controller.processEvent called with type k8scontext.Event
I0219 15:41:13.239306 1 controller.go:98] ~~~~~~~~ ↓ ApplicationGateway deployment ↓ ~~~~~~~~
I0219 15:41:13.531056 1 controller.go:112] deployment took 291.721454ms
I0219 15:41:13.531083 1 controller.go:119] ~~~~~~~~ ↑ ApplicationGateway deployment ↑ ~~~~~~~~
I0219 15:41:13.531089 1 eventqueue.go:128] Processing event done, updating lastEventTimestamp
I0219 15:41:13.531100 1 eventqueue.go:119] Processing event begin, time since event generation: 1m52.469718441s
I0219 15:41:13.531103 1 controller.go:50] controller.processEvent called with type k8scontext.Event
I0219 15:41:13.576993 1 controller.go:98] ~~~~~~~~ ↓ ApplicationGateway deployment ↓ ~~~~~~~~
I0219 15:41:13.834655 1 controller.go:112] deployment took 257.617942ms
I0219 15:41:13.834701 1 controller.go:119] ~~~~~~~~ ↑ ApplicationGateway deployment ↑ ~~~~~~~~
I0219 15:41:13.834708 1 eventqueue.go:128] Processing event done, updating lastEventTimestamp
I0219 15:41:13.834720 1 eventqueue.go:119] Processing event begin, time since event generation: 1m52.773333334s
I0219 15:41:13.834725 1 controller.go:50] controller.processEvent called with type k8scontext.Event
I0219 15:41:13.898549 1 controller.go:98] ~~~~~~~~ ↓ ApplicationGateway deployment ↓ ~~~~~~~~
I0219 15:41:14.167105 1 controller.go:112] deployment took 268.505478ms
I0219 15:41:14.167178 1 controller.go:119] ~~~~~~~~ ↑ ApplicationGateway deployment ↑ ~~~~~~~~
I0219 15:41:14.167187 1 eventqueue.go:128] Processing event done, updating lastEventTimestamp
I0219 15:43:47.775238 1 eventqueue.go:60] Enqueuing skip(false) item
I0219 15:43:47.775290 1 eventqueue.go:119] Processing event begin, time since event generation: 56.6µs
I0219 15:43:47.775297 1 controller.go:50] controller.processEvent called with type k8scontext.Event
I0219 15:43:47.900842 1 controller.go:98] ~~~~~~~~ ↓ ApplicationGateway deployment ↓ ~~~~~~~~
I0219 15:45:38.709368 1 controller.go:112] deployment took 1m50.808490032s
I0219 15:45:38.709395 1 controller.go:119] ~~~~~~~~ ↑ ApplicationGateway deployment ↑ ~~~~~~~~
I0219 15:45:38.709402 1 eventqueue.go:128] Processing event done, updating lastEventTimestamp
I0219 15:46:34.951594 1 eventqueue.go:60] Enqueuing skip(false) item
I0219 15:46:34.951651 1 eventqueue.go:119] Processing event begin, time since event generation: 59.4µs
I0219 15:46:34.951664 1 controller.go:50] controller.processEvent called with type k8scontext.Event
I0219 15:46:34.995989 1 controller.go:98] ~~~~~~~~ ↓ ApplicationGateway deployment ↓ ~~~~~~~~
I0219 15:46:55.364151 1 controller.go:112] deployment took 20.368133189s
I0219 15:46:55.364177 1 controller.go:119] ~~~~~~~~ ↑ ApplicationGateway deployment ↑ ~~~~~~~~
I0219 15:46:55.364184 1 eventqueue.go:128] Processing event done, updating lastEventTimestamp
W0219 16:02:54.891207 1 reflector.go:341] github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:379: watch of *v1.Endpoints ended with: too old resource version: 8381 (9462)
I0219 16:02:55.891399 1 reflector.go:240] Listing and watching *v1.Endpoints from github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:379
W0219 16:28:28.925440 1 reflector.go:341] github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:379: watch of *v1.Endpoints ended with: too old resource version: 12100 (13482)
I0219 16:28:29.925645 1 reflector.go:240] Listing and watching *v1.Endpoints from github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:379
W0219 16:53:55.958816 1 reflector.go:341] github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:379: watch of *v1.Endpoints ended with: too old resource version: 16109 (17438)
I0219 16:53:56.959006 1 reflector.go:240] Listing and watching *v1.Endpoints from github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:379
W0219 17:15:30.989571 1 reflector.go:341] github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:379: watch of *v1.Endpoints ended with: too old resource version: 20094 (20842)
I0219 17:15:31.989854 1 reflector.go:240] Listing and watching *v1.Endpoints from github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:379
W0219 17:38:02.027362 1 reflector.go:341] github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:379: watch of *v1.Endpoints ended with: too old resource version: 23479 (24372)
I0219 17:38:03.027571 1 reflector.go:240] Listing and watching *v1.Endpoints from github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:379
W0219 18:00:50.062117 1 reflector.go:341] github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:379: watch of *v1.Endpoints ended with: too old resource version: 27010 (27947)
I0219 18:00:51.062433 1 reflector.go:240] Listing and watching *v1.Endpoints from github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:379
W0219 18:23:10.092432 1 reflector.go:341] github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:379: watch of *v1.Endpoints ended with: too old resource version: 30579 (31446)
I0219 18:23:11.092759 1 reflector.go:240] Listing and watching *v1.Endpoints from github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:379
W0219 18:46:38.121344 1 reflector.go:341] github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:379: watch of *v1.Endpoints ended with: too old resource version: 34091 (35122)
I0219 18:46:39.121675 1 reflector.go:240] Listing and watching *v1.Endpoints from github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:379
W0219 19:05:11.168606 1 reflector.go:341] github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:379: watch of *v1.Endpoints ended with: too old resource version: 37765 (38025)
I0219 19:05:12.168942 1 reflector.go:240] Listing and watching *v1.Endpoints from github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:379
W0219 19:27:11.215916 1 reflector.go:341] github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:379: watch of *v1.Endpoints ended with: too old resource version: 40677 (41472)
I0219 19:27:12.216256 1 reflector.go:240] Listing and watching *v1.Endpoints from github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:379
W0219 19:44:39.249070 1 reflector.go:341] github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:379: watch of *v1.Endpoints ended with: too old resource version: 44122 (44215)
I0219 19:44:40.249345 1 reflector.go:240] Listing and watching *v1.Endpoints from github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:379
W0219 20:07:49.278814 1 reflector.go:341] github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:379: watch of *v1.Endpoints ended with: too old resource version: 46863 (47842)
I0219 20:07:50.279036 1 reflector.go:240] Listing and watching *v1.Endpoints from github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:379
W0219 20:32:14.311301 1 reflector.go:341] github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:379: watch of *v1.Endpoints ended with: too old resource version: 50487 (51669)
I0219 20:32:15.311534 1 reflector.go:240] Listing and watching *v1.Endpoints from github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:379
I0219 20:39:52.860029 1 eventqueue.go:60] Enqueuing skip(false) item
I0219 20:39:52.860056 1 eventqueue.go:119] Processing event begin, time since event generation: 31.001µs
I0219 20:39:52.860075 1 controller.go:50] controller.processEvent called with type k8scontext.Event
I0219 20:39:52.999837 1 controller.go:98] ~~~~~~~~ ↓ ApplicationGateway deployment ↓ ~~~~~~~~
I0219 20:40:13.410066 1 controller.go:112] deployment took 20.410197295s
I0219 20:40:13.410091 1 controller.go:119] ~~~~~~~~ ↑ ApplicationGateway deployment ↑ ~~~~~~~~
I0219 20:40:13.410098 1 eventqueue.go:128] Processing event done, updating lastEventTimestamp
I0219 20:48:40.476669 1 secretstore.go:119] converted secret [ag-poc/guestbook-cert]
I0219 20:48:40.476824 1 eventqueue.go:60] Enqueuing skip(false) item
I0219 20:48:40.476847 1 eventqueue.go:119] Processing event begin, time since event generation: 25µs
I0219 20:48:40.476865 1 controller.go:50] controller.processEvent called with type k8scontext.Event
I0219 20:48:40.578199 1 controller.go:98] ~~~~~~~~ ↓ ApplicationGateway deployment ↓ ~~~~~~~~
W0219 20:50:11.340305 1 reflector.go:341] github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:379: watch of *v1.Endpoints ended with: too old resource version: 54327 (54488)
I0219 20:50:12.340539 1 reflector.go:240] Listing and watching *v1.Endpoints from github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext/context.go:379
I0219 20:50:31.621828 1 controller.go:112] deployment took 1m51.04359856s
I0219 20:50:31.621854 1 controller.go:119] ~~~~~~~~ ↑ ApplicationGateway deployment ↑ ~~~~~~~~
I0219 20:50:31.621861 1 eventqueue.go:128] Processing event done, updating lastEventTimestamp
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"vnetName": {
"defaultValue": "timj-europe",
"type": "string",
"metadata": {
"description": "VNET name."
}
},
"applicationGatewaySubnetAddressPrefix": {
"defaultValue": "10.160.128.0/24",
"type": "string",
"metadata": {
"description": "Application gateway subnet prefix."
}
},
"applicationGatewayName": {
"defaultValue": "poc-ag-2",
"type": "string",
"metadata": {
"description": "Application gateway name."
}
},
"size": {
"defaultValue": "WAF_Medium",
"type": "string",
"metadata": {
"description": "Application gateway size."
}
},
"capacity": {
"defaultValue": "2",
"type": "string",
"metadata": {
"description": "Application gateway capity."
}
},
"tier": {
"defaultValue": "WAF",
"type": "string",
"metadata": {
"description": "Application gateway tier."
}
}
},
"variables": {
"applicationGatewaySubnetName": "app-gateways",
"vnetId": "[resourceId(concat('core-infra-', parameters('vnetName')), 'Microsoft.Network/virtualNetworks', parameters('vnetName'))]",
"applicationGatewaySubnetId": "[concat(variables('vnetID'),'/subnets/', variables('applicationGatewaySubnetName'))]",
"applicationGatewayPublicIpId": "[resourceId('Microsoft.Network/publicIPAddresses',parameters('applicationGatewayName'))]",
"applicationGatewayId": "[resourceId('Microsoft.Network/applicationGateways', parameters('applicationGatewayName'))]"
},
"resources": [
{
"type": "Microsoft.Network/publicIPAddresses",
"name": "[parameters('applicationGatewayName')]",
"apiVersion": "2018-08-01",
"location": "[resourceGroup().location]",
"sku": {
"name": "Standard"
},
"properties": {
"publicIPAllocationMethod": "Static"
}
},
{
"type": "Microsoft.Network/applicationGateways",
"name": "[parameters('applicationGatewayName')]",
"apiVersion": "2018-08-01",
"location": "[resourceGroup().location]",
"properties": {
"sku": {
"name": "WAF_v2",
"tier": "WAF_v2",
"capacity": "[parameters('capacity')]"
},
"gatewayIPConfigurations": [
{
"name": "appGatewayIpConfig",
"properties": {
"subnet": {
"id": "[variables('applicationGatewaySubnetId')]"
}
}
}
],
"frontendIPConfigurations": [
{
"name": "appGatewayFrontendIP",
"properties": {
"PublicIPAddress": {
"id": "[variables('applicationGatewayPublicIpId')]"
}
}
}
],
"frontendPorts": [
{
"name": "httpPort",
"properties": {
"Port": 80
}
},
{
"name": "httpsPort",
"properties": {
"Port": 443
}
}
],
"backendAddressPools": [
{
"name": "bepool",
"properties": {
"backendAddresses": []
}
}
],
"httpListeners": [
{
"name": "httpListener",
"properties": {
"protocol": "Http",
"frontendPort": {
"id": "[concat(variables('applicationGatewayId'), '/frontendPorts/httpPort')]"
},
"frontendIPConfiguration": {
"id": "[concat(variables('applicationGatewayId'), '/frontendIPConfigurations/appGatewayFrontendIP')]"
}
}
}
],
"backendHttpSettingsCollection": [
{
"name": "setting",
"properties": {
"port": 80,
"protocol": "Http"
}
}
],
"requestRoutingRules": [
{
"name": "rule1",
"properties": {
"httpListener": {
"id": "[concat(variables('applicationGatewayId'), '/httpListeners/httpListener')]"
},
"backendAddressPool": {
"id": "[concat(variables('applicationGatewayId'), '/backendAddressPools/bepool')]"
},
"backendHttpSettings": {
"id": "[concat(variables('applicationGatewayId'), '/backendHttpSettingsCollection/setting')]"
}
}
}
],
"webApplicationFirewallConfiguration": {
"enabled": true,
"firewallMode": "Prevention",
"ruleSetType": "OWASP",
"ruleSetVersion": "3.0",
"disabledRuleGroups": [
{
"ruleGroupName": "REQUEST-931-APPLICATION-ATTACK-RFI",
"rules": [
931130
]
}
]
},
"sslPolicy": {
"policyType": "Custom",
"cipherSuites": [
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
],
"minProtocolVersion": "TLSv1_2"
}
},
"dependsOn": [
"[concat('Microsoft.Network/publicIPAddresses/', parameters('applicationGatewayName'))]"
]
}
]
}