Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Spike: figure out a path forward for misconfigured KongPlugin resources #680

Closed
hbagdi opened this issue May 21, 2020 · 5 comments
Closed

Spike: figure out a path forward for misconfigured KongPlugin resources #680

hbagdi opened this issue May 21, 2020 · 5 comments
Assignees
@shaneutt
Labels
area/spike
Milestone
1.2.0

Comments

@hbagdi
Copy link
Member

hbagdi commented May 21, 2020
edited by mflendrich
Loading

Users always run into issues with malformed plugin configurations which brings down the entire reconciliation loop.
Figure out a way to avoid this from happening.
One are to explore will be to use Kong's /schema endpoint a lot more to verify if each KongPlugin is valid or not.
This will need to be cached to avoid performance issues when the network latency between the controller and Kong is significant (> 10s of milliseconds)

Acceptance criteria

TBD (@shaneutt to shepherd this issue)
@hbagdi hbagdi added this to the 0.10.0 milestone May 21, 2020
@hbagdi hbagdi self-assigned this Jun 15, 2020
@hbagdi hbagdi mentioned this issue Jul 7, 2020
Closed
@hbagdi hbagdi removed this from the 0.10.0 milestone Aug 28, 2020
@hbagdi hbagdi added this to the 1.1.0 milestone Sep 11, 2020
@hbagdi hbagdi removed their assignment Oct 20, 2020
@mflendrich mflendrich removed the trello label Oct 30, 2020
@rainest rainest modified the milestones: 1.1.0, 1.2.0 Dec 8, 2020
@stale
Copy link

stale bot commented Mar 20, 2021

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@stale stale bot added the stale Will be closed unless advocated for within 7 days label Mar 20, 2021
@stale stale bot closed this as completed Mar 27, 2021
@hbagdi hbagdi reopened this Mar 29, 2021
@stale stale bot removed the stale Will be closed unless advocated for within 7 days label Mar 29, 2021
@acoder-dev
Copy link

We have run into this problem many times. Our entire cluster goes down since the gateway fails if one plugin is misconfigured. This is a very concerning issue to us. We may drop Kong altogether because of it.

  • Are there any plans to address this issue?
  • Is there some kind of work around such as validating the plugin config in a CICD pipeline?

@hbagdi
Copy link
Member Author

hbagdi commented Feb 7, 2022

Please configure and install validating webhook: https://docs.konghq.com/kubernetes-ingress-controller/2.1.x/deployment/admission-webhook/#main

That will get rid of the problem in most cases.

@acoder-dev
Copy link

That's great thanks for the quick response we will look in to this.

@shaneutt shaneutt mentioned this issue Mar 10, 2022
Closed
5 tasks
@shaneutt
Copy link
Contributor

In #2195 we are addressing this problem holistically and attempting to do it in ways that wont technically require the validating webhook (however, please do install it). We're going to close this in favor of #2195, please subscribe to that issue to track the progress of improvements in this regard.

@mflendrich mflendrich mentioned this issue May 11, 2022
Closed
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@shaneutt shaneutt

Labels
area/spike
Projects
None yet
Milestone
1.2.0
Development

No branches or pull requests
5 participants
@rainest @mflendrich @hbagdi @shaneutt @acoder-dev