combination of selfsharding with auth OR acl rules not working
Combination of self-sharding with acl OR auth options in varnish config crd don't work properly. Result is an 503 error backend fetch failed. It doesn't matter if you combine acl+auth or just one of them. For example: VarnishConfig
apiVersion: "ingress.varnish-cache.org/v1alpha1"
kind: VarnishConfig
metadata:
name: varnish-ingress-config
spec:
services:
- varnish-ingress
self-sharding:
max-secondary-ttl: 2m
probe:
timeout: 2s
interval: 3s
initial: 2
window: 4
threshold: 3
acl:
- name: ip-whitelist
addrs:
- addr: 127.0.0.1
- addr: localhost
type: whitelist
fail-status: 0
result-header:
header: req.http.X-Whitelisted
success: "true"
failure: "false"
auth:
- realm: AUTH
secretName: basicauth-secret
type: basic
utf8: true
conditions:
- comparand: req.http.X-Whitelisted
value: "false"
compare: equal
BackendConfig
apiVersion: "ingress.varnish-cache.org/v1alpha1"
kind: BackendConfig
metadata:
name: tea-service
spec:
services:
- tea-service
connect-timeout: 2s
first-byte-timeout: 30s
between-bytes-timeout: 2s
probe:
request:
- GET /health HTTP/1.1
- "Host: tea.example.com"
- "Connection: close"
timeout: 3s
interval: 3s
window: 4
threshold: 3
director:
type: shard
warmup: 50
rampup: 5m