edge-stack is failing to route traffic on port 8443

[anabih]

edge-stack is failing to route traffic on port 8443 after exposing it, with HTTP 404 error.

Casey did a little bit of digging, and according to him the virtual host and the server names are not propagated correctly for some reason.

The port is exposed to Kubernetes:

kubectl get services
NAME               TYPE           CLUSTER-IP       EXTERNAL-IP   PORT(S)                                     AGE
ambassador         LoadBalancer   11.111.222.111   localhost     80:31769/TCP,443:31982/TCP,8443:31695/TCP   54d

We do use the lua script in the Module that strips the port from authority.

apiVersion: getambassador.io/v3alpha1
kind:  Module
metadata:
  name:  ambassador
  namespace: alpha-ambassador
spec:
  config:
  # Use the items below for config fields
    lua_scripts: |
      function envoy_on_request(request_handle)
        local authority = request_handle:headers():get(":authority")
        if(string.find(authority, ":") ~= nil)
        then
          local authority_index = string.find(authority, ":")
          local stripped_authority = string.sub(authority, 1, authority_index - 1)
          request_handle:headers():replace(":authority", stripped_authority)
        end
      end

This is the Mapping object:

apiVersion: getambassador.io/v2
kind: Mapping
metadata:
  name: guestbook-mapping
spec:
  grpc: false
  host: "^example\\.com:8443$"
  host_regex: true
  prefix: /
  rewrite: ""
  service: guestbook:80

We also tried to add this Host object, but it didn't help:

apiVersion: getambassador.io/v2
kind: Host
metadata:
  name: example.com-8443
spec:
  acmeProvider:
    authority: none
  hostname: '*.example.com:8443'
  selector:
    matchLabels:
      hostname: example.com:8443
  tls:
    alpn_protocols: h2
  tlsSecret:
    name: example-com-server-secret