Hello community,
I need help in order to make my base tow deploy work. We’ve deployed it on AWS using K8s and an application load balancer (EKS+ALB).
Our main pain point regards on the health check made by the ALB to assign the PODs are healthy and good to start replying requests.
On the logs we do see the health check source IP is the load balancer. However this address is dynamic (provisioned during the baserow spin up).
We tried using BASEROW_EXTRA_ALLOWED_HOSTS parameter but without success.
Do you guys have any suggestion how we can handle this situation?
Thanks in advance
Here are the logs of the PODs to explain a little bit:
IP 10.110.20.29 is the POD IP
IP 10.110.20.187 is the ALB IP
What seems to me that every request (health_check) reaches the POD with it’s own IP.
I’ve tryed adding the parameter BASEROW_EXTRA_ALLOWED_HOSTS: “‘*’” with an wildcard but it didn’t work.
ERROR 2024-10-24 15:00:49,704 django.security.DisallowedHost.response_for_exception:124- Invalid HTTP_HOST header: **'10.110.20.29:8000'**. You may need to add '10.110.20.29' to ALLOWED_HOSTS.
Traceback (most recent call last):
File "/baserow/venv/lib/python3.11/site-packages/django/core/handlers/exception.py", line 55, in inner
response = get_response(request)
^^^^^^^^^^^^^^^^^^^^^
File "/baserow/venv/lib/python3.11/site-packages/django/utils/deprecation.py", line 133, in __call__
response = self.process_request(request)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/baserow/venv/lib/python3.11/site-packages/django/middleware/common.py", line 48, in process_request
host = request.get_host()
^^^^^^^^^^^^^^^^^^
File "/baserow/venv/lib/python3.11/site-packages/django/http/request.py", line 151, in get_host
raise DisallowedHost(msg)
django.core.exceptions.DisallowedHost: Invalid HTTP_HOST header: '10.110.20.29:8000'. You may need to add '10.110.20.29' to ALLOWED_HOSTS.
WARNING 2024-10-24 15:00:49,827 django.request.log_response:241- Bad Request: /api/_health/
**10.110.20.187**:58118 - "GET /api/_health/ HTTP/1.1" 400
Hello @rsorelli ,
Are you deploying to EKS using the official Baserow helm chart? baserow 1.0.5 · baserow/baserow-chart
It deploys with Caddy as ingress controller to make the application builder work nicely on different subdomains.
Hi @JoeriMalmberg ,
Thanks for your reply.
No, I’ve deployed directly using de K8S manual (Install with K8S).
I made a few adjustments mainly on the ingress to make it work using AWS ALB instead.
Here is the Ingress I’ve set up:
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: balancer-back
namespace: baserow
annotations:
alb.ingress.kubernetes.io/scheme: internal # or internal
alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS": 443}]'
alb.ingress.kubernetes.io/inbound-cidrs: 0.0.0.0/0
alb.ingress.kubernetes.io/subnets: subnet-xxxxxxxx,subnet-yyyyyy
alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-1:-----:certificate/-------
alb.ingress.kubernetes.io/target-type: ip
alb.ingress.kubernetes.io/backend-protocol: HTTP # or HTTPS
spec:
ingressClassName: alb
rules:
- host: backend-wsgi.hedgepoint.local
http:
paths:
- pathType: Prefix
path: "/ws/"
backend:
service:
name: backend-asgi
port:
number: 80
- pathType: Prefix
path: "/"
backend:
service:
name: backend-wsgi
port:
number: 80
Manybe I can give a try using the HELM as you suggested and see if it works. I noticed that usong HELM it created a NLB rather than an ALB.