application gateway ingress return 502 error
I am unable to hit my backend endpoint via application gateway load balancer. It returns error 502 Bad Gateway.
Azure Application Gateway
Azure Kubernetes Service (AKS)
-
Gowtham CP 1,010 Reputation points
2024-05-09T09:33:15.35+00:00 Hello @Loraine Sum Thanks for posting your question on Microsoft Q&A. If you're encountering a 502 Bad Gateway error with your Application Gateway, start by checking the health of your backend servers and ensuring proper network connectivity. Review your Application Gateway configuration for any errors, especially in listener rules and backend pools. Check for network security group issues that might block traffic. For further troubleshooting, consult Azure Monitor logs and consider using Azure Network Watcher. For detailed guidance, refer to Microsoft Docs on troubleshooting Application Gateway 502 errors: https://learn.microsoft.com/en-us/azure/application-gateway/application-gateway-troubleshooting-502
If you found the solution helpful, consider accepting it.
-
GitaraniSharma-MSFT 48,011 Reputation points • Microsoft Employee
2024-05-09T09:39:02.0033333+00:00 Hello @Loraine Sum ,
Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.
I understand that you are getting 502 errors when accessing your Application gateway.
- Could you please let me know what is configured in the backend of App GW?
- You mentioned "Application gateway ingress" in your title, so could you please confirm if it is a standalone Application gateway or an Application gateway Ingress controller?
- Could you please let me know if this Application gateway was working before or this is a new setup?
- Also, please share the backend health status of your Application gateway. Refer: https://learn.microsoft.com/en-us/azure/application-gateway/application-gateway-backend-health-troubleshooting#how-to-check-backend-health
- For further troubleshooting of 502 errors, you can refer the following doc: https://learn.microsoft.com/en-us/azure/application-gateway/application-gateway-troubleshooting-502
Regards,
Gita
-
Loraine Sum 0 Reputation points
2024-05-09T10:05:42.9466667+00:00 Hi Gita,
I am setting up "Application Gateway Ingress Controller". I have two ingresses, one works fine and the other returns error 502. I have checked the backend health for the one not working, it returns 404 with http protocol.
The backend is a pod running on AKS, I have logged into the pod and I can see the pod is listening and the backend pool FQDN is the correct ip address of the pod.
I have followed the doc for troubleshooting 502 but still no luck.
-
GitaraniSharma-MSFT 48,011 Reputation points • Microsoft Employee
2024-05-09T10:34:51.3966667+00:00 @Loraine Sum , thank you for the confirmation. I've tagged AKS to this post, so that the AGIC (Application gateway Ingress Controller) experts can take a look into the issue further.
-
Prrudram-MSFT 22,486 Reputation points
2024-05-14T06:50:36.5633333+00:00 Hi @Loraine Sum
Setting up an Application Gateway Ingress Controller (AGIC) in Azure and encountering a 502 error can be challenging. The 502 Bad Gateway error indicates that the gateway received an invalid response from the upstream server, which in this case is your AKS pod. Since you’ve checked the backend health and it returns a 404 error with HTTP protocol, this suggests that the AGIC is able to communicate with the pod, but the specific resource it’s trying to access is not found.
Here are some steps you can take to troubleshoot the issue further:
Verify the Ingress Resource: Ensure that the Ingress resource is correctly configured to route traffic to your service. You can check this with the command
kubectl get ingress
.Check the Service Configuration: Make sure that the service is active and properly configured to route traffic to the correct port on your pod. Use
kubectl get svc
to verify the service details.Inspect the Pod’s Logs: Look at the logs of the pod to see if there are any errors or messages that could indicate why it’s returning a 404. Use
kubectl logs <pod-name>
.Review AGIC Logs: Check the logs of the AGIC pod to see if there are any errors or messages related to the configuration or routing. Use
kubectl logs <agic-pod-name>
.Test with a Simple App: Deploy a simple application to ensure that the Application Gateway, AKS, and AGIC setup is correct. This can help isolate whether the issue is with your specific application or the infrastructure setup1.
Check for SSL/TLS Issues: If you’re using SSL/TLS, ensure that the certificates are correctly configured and that the AGIC is able to use them.
Review Annotations: Annotations in your Ingress resource can affect how traffic is routed. Make sure that they are correctly set. For example, if you’re not using Nginx, avoid using annotations specific to Nginx Ingress Controller.
Path-Based Routing: If you’re using path-based routing, ensure that the paths are correctly defined in your Ingress resource and that your application is configured to handle those paths.
If you’ve already followed the official troubleshooting documentation and these steps without success, it might be helpful to reach out to Azure support for more in-depth assistance. They can provide more targeted help based on the specifics of your Azure environment and configuration.
Sign in to comment