Bind on Port 80 Fails Due to Permissions in NGINX Ingress
Article Number: 000020005
Environment
A Rancher Kubernetes Engine (RKE) CLI or Rancher v2.x provisioned Kubernetes cluster
Situation
Sometimes an admin may see an error in the logs like the one below:
nginx: [emerg] bind() to 0.0.0.0:80 failed (13: Permission denied)
Cause
According to kubernetes/ingress-nginx GitHub Issue #3858, this is caused by a capabilities failure on one of the layers of the nginx-ingress-controller image, due to the xattrs not being copied correctly.
Resolution
Remove the ingress container image from the node(s), using the following commands:
# Find the name of the nginx-ingress-controller pod
NGINX_INGRESS_CONTROLLER="$(kubectl get pods -n ingress-nginx | awk '/nginx-ingress-controller/ { print $1 }')"
# Remove nginx-ingress-controller pod and then clean up the container image
docker rm -f "${NGINX_INGRESS_CONTROLLER}" && \
docker system prune -af