Aws-load-balancer-controller: ingress rule always point to first listed service in rules

@bigkraig Can you please help me! Please let me know if I need to provide more information/steps about the issue.
Note : I am not using any host, just trying to access application with the loadbalancer DNS address. and able to access first listed service.

@amit-kansal i'm going to try to reproduce (and then fix) this today 👍

What version of the controller are you using? I'm unable to reproduce this.

spec:
  rules:
    - http:
        paths:
          - path: /
            backend:
              serviceName: svc1
              servicePort: 8080
          - path: /healthz
            backend:
              serviceName: svc2
              servicePort: 9093

@bigkraig I am using version 1.0-alpha.9.

And in aws console I am also able to see rules are creating defined in controller yaml file. Can you please share the annotation which you used in your ingress controller.

Please try it out with 1.0-beta.2, the annotations on mine were specific to ticketmasters subnets/tags/security groups, i only have the HTTP port 80 as seen in the rules

What is the default action supposed to be? I see in your screenshot that it is pointing to svc1. I would expect there to be a third service for the http-default-backend service? Or am I missing the reason for the existence of the 'default service'?

@natefox it currently defaults to the first rule in the ingress. there is another issue #405 to address support for the backend parameter, but that work hasn't been done yet

@bigkraig Today I tried multiple times and updated the version with 1.0-beta.2 but still no luck :(
Loadbalancer always points to the default rule. The rules with custom path are not pointing to related services.
Can you please one more time check my ingress yaml. If all the required annotations are in place ?

`apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: echoserver
  namespace: echoserver
  annotations:
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/subnets: subnet-f97d1680,subnet-ba1683f1
    alb.ingress.kubernetes.io/security-groups: alb.ingress.kubernetes.io
    alb.ingress.kubernetes.io/tags: Environment=dev,Team=test
spec:
  rules:
    - http:
        paths:
          - path: /codexweb
            backend:
              serviceName: codex-web
              servicePort: 8080
          - path: /codexrestapi
            backend:
              serviceName: codex-rest-api
              servicePort: 8080`

can you show me a screenshot of the listener?

@bigkraig Below are the screenshots -

#

So that looks correct, requests to /codexweb are going to the 31755 nodeport service and /codexrestapi are going to the 31281 service.

There are no rewrite rules in ALBs, so the services need to respond on those specific paths.

But the 1st and 2nd rules never works for me only the last rule works(default one). And if you see the last default rule points to first listed service 31755 nodeport in path rules. So I am only able to access first service.
Below are the screenshots for serivces access through client.

Default Rule-

1st Rule

The ALB is redirecting the /codexweb request to the 31755 service, the service is not responding to the request made to /codexweb, it does not go to / on 31755. Does that make sense?

@bigkraig sorry I really didn't get it. Here what I understood; ALB doing its job If request is not routed to any path then its routing to last one(default action) and in default action its again pointing to 31755 service and that's why I am able to access that service.

I made some manual change to my ELB listeners. I changed 31755 nodeport to 31281(2nd rule service). And now on / I am able to access second service.

Appreciate if you can guide me what I need to make changes to access my 2nd rule service (/codexrestapi).

As I already said I am new to setup all this stuff but let me know if first I need to go through some doc to understand it better. Thanks for your support! :)

@amit-kansal how are the full URLs to /codeweb and /coderestapi paths?

I guess your problem is due to the missing wildcards on the paths. I mean, the target group of the rule with path /codeweb only responds to URLs like http://xxxxx/codeweb (without slash) and not http://xxxxx/codeweb/blahblah. Same for /codeapi path.

If the path of your URL is not exactly the path specified in the rule, you need to specify a path similar to this:

  rules:
    - http:
        paths:
          - path: /codexweb*
            backend:
              serviceName: codex-web
              servicePort: 8080
          - path: /codexrestapi*
            backend:
              serviceName: codex-rest-api
              servicePort: 8080`

Note the asterisk added to the end of the paths. Also remember that you are not specifying any rule for root path, so currently, the behavior is set the default rule to the first rule specified, as @bigkraig said.

Read more about Path Conditions of Listener Rules of AWS, here.

Hello, thank you, @ehbello! I was experiencing the same issue and just had to add the wildcard to it.

Hello ,How to change the default last rule by alb ingress controller?I didn't have any solution for these question.