Bind on Port 80 Fails Due to Permissions in NGINX Ingress
This document (000020005) is provided subject to the disclaimer at the end of this document.
Situation
Issue
Sometimes an admin may see an error in the logs like the one below:
nginx: [emerg] bind() to 0.0.0.0:80 failed (13: Permission denied)
Pre-requisites
- A Rancher Kubernetes Engine (RKE) CLI or Rancher v2.x provisioned Kubernetes cluster
Workaround
Remove the ingress container image from the node(s), using the following commands:
# Find the name of the nginx-ingress-controller pod
NGINX_INGRESS_CONTROLLER="$(kubectl get pods -n ingress-nginx | awk '/nginx-ingress-controller/ { print $1 }')"
# Remove nginx-ingress-controller pod and then clean up the container image
docker rm -f "${NGINX_INGRESS_CONTROLLER}" && \
docker system prune -af
Resolution
According to kubernetes/ingress-nginx GitHub Issue #3858, this is caused by a capabilities failure on one of the layers of the nginx-ingress-controller image, due to the xattrs not being copied correctly.
Further reading
Disclaimer
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:000020005
- Creation Date: 23-Aug-2022
- Modified Date:23-Aug-2022
-
- SUSE Rancher
For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com
