lunatikz

Reputation: 736

Trouble configuring http(s) for an nginx-ingress

I'm currently trying to create an ingress, following the SSL-termination approach, which allows me to connect to a service via both http and https. I managed to create a working ingress for http, and partly for https, but not both together.

Here's my config:

Ingress Controller: Deployment & Service

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: nginx-ingress-controller
spec:
  replicas: 1
  revisionHistoryLimit: 3
  template:
    metadata:
      labels:
        k8s-app: nginx-ingress-lb
    spec:
      containers:
        - args:
            - /nginx-ingress-controller
            - "--default-backend-service=$(POD_NAMESPACE)/default-http-backend"
          env:
            # default-config omitted
          image: "quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.9.0-beta.17"
          imagePullPolicy: Always
          livenessProbe:
            # omitted
          name: nginx-ingress-controller
          ports:
            - containerPort: 80
              name: http
              protocol: TCP
            - containerPort: 443
              name: https
              protocol: TCP
          volumeMounts:
            - mountPath: /etc/nginx-ssl/tls
              name: tls-vol
      terminationGracePeriodSeconds: 60
      volumes:
        - name: tls-vol
          secret:
            secretName: tls-test-project-secret
---
apiVersion: v1
kind: Service
metadata:
  name: nginx-ingress
spec:
  type: NodePort
  ports:
  - name: http
    port: 80
    targetPort: http
    nodePort: 31115
  - name: https
    port: 443
    targetPort: https
    nodePort: 31116
  selector:
    k8s-app: nginx-ingress-lb

Ingress

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: nginx-ingress
  annotations:
    kubernetes.io/ingress.class: "nginx"
    ingress.kubernetes.io/secure-backends: "false"

    # modified this to false for http & https-scenario
    ingress.kubernetes.io/ssl-redirect: "true"

    # modified this to false for http & https-scenario
    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
    ingress.kubernetes.io/add-base-url: "true"  
spec:
  tls:
   - hosts:
     - author.k8s-test
     secretName: tls-test-project-secret
  rules:
  - host: author.k8s-test
    http:  
      paths:
      - path: / 
        backend:
          serviceName: cms-author
          servicePort: 8080

Backend - Service

apiVersion: v1
kind: Service
metadata:
  name: cms-author
spec:
  selector:
    run: cms-author
  ports:
  - name: http
    protocol: TCP
    port: 8080
    targetPort: 8080

Backend-Deployment:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: cms-author
spec:
  selector:
    matchLabels:
      run: cms-author
  replicas: 1
  template:
    metadata:
      labels:
        run: cms-author
    spec:
      containers:
      - name: cms-author
        image: <someDockerRegistryUrl>/magnolia:kube-dev
        imagePullPolicy: Always
        ports:
        - containerPort: 8080

I have several issues. When following the https-only scenario, I can reach the application via the ingress https nodePort, but can't log in, as the following request goes via http instead of https. If I manually put https before the URL in the browser, it works again and any further request goes via https, but I don't know why :(

The final setting (supporting http and https) is not working at all: if I try to access the app via the http nodePort of the Ingress, it always redirects to SSL, even though in this scenario I set ssl-redirect to false.

Upvotes: 0

Views: 2669
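
The Ingress in the question writes `ssl-redirect` under the `ingress.kubernetes.io` prefix and `force-ssl-redirect` under `nginx.ingress.kubernetes.io`. The check below is an added example, not code from the question or from the ingress-nginx project; it assumes the controller reads annotations under a single prefix (the one ingress-nginx makes configurable with `--annotations-prefix`) and reports which redirect annotations each prefix would leave unread. The function names are hypothetical.

```python
"""Added example: which redirect annotations would a one-prefix controller read?"""

# Assumption: the running controller honours exactly one of these prefixes.
KNOWN_PREFIXES = ("nginx.ingress.kubernetes.io", "ingress.kubernetes.io")
REDIRECT_KEYS = ("ssl-redirect", "force-ssl-redirect")

# Annotations copied from the Ingress manifest in the question.
QUESTION_ANNOTATIONS = {
    "kubernetes.io/ingress.class": "nginx",
    "ingress.kubernetes.io/secure-backends": "false",
    "ingress.kubernetes.io/ssl-redirect": "true",
    "nginx.ingress.kubernetes.io/force-ssl-redirect": "true",
    "ingress.kubernetes.io/add-base-url": "true",
}


def split_by_prefix(annotations):
    """Group annotation names by the controller prefix they are written under."""
    groups = {}
    for key, value in annotations.items():
        prefix, _, name = key.rpartition("/")
        if prefix in KNOWN_PREFIXES:  # skips e.g. kubernetes.io/ingress.class
            groups.setdefault(prefix, {})[name] = value
    return groups


def effective_redirects(annotations, active_prefix):
    """Redirect settings visible to a controller that reads only active_prefix."""
    seen = split_by_prefix(annotations).get(active_prefix, {})
    return {key: seen[key] for key in REDIRECT_KEYS if key in seen}


def ignored_redirects(annotations, active_prefix):
    """Redirect annotations written under a prefix the controller does not read."""
    return sorted(
        f"{prefix}/{name}"
        for prefix, names in split_by_prefix(annotations).items()
        if prefix != active_prefix
        for name in names
        if name in REDIRECT_KEYS
    )


if __name__ == "__main__":
    for prefix in KNOWN_PREFIXES:
        print(prefix)
        print("  honoured:", effective_redirects(QUESTION_ANNOTATIONS, prefix))
        print("  ignored: ", ignored_redirects(QUESTION_ANNOTATIONS, prefix))
```

Whichever prefix is active, one of the two redirect annotations is left unread, so setting it to "false" changes nothing. When testing the http-and-https scenario, both values need to sit under the prefix the controller actually reads.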

Answers (1)

Vikram Hosakote

Reputation: 3684

Deploy the nginx ingress controller from the official kubernetes charts repo https://github.com/kubernetes/charts/tree/master/stable/nginx-ingress by setting the helm arguments controller.service.targetPorts.https and controller.service.nodePorts.https. Once they are set, the appropriate NodePort (443) will be configured by helm.

Helm uses the YAML files in https://github.com/kubernetes/charts/tree/master/stable/nginx-ingress/templates.

Along with the nginx ingress controller, you'll need an ingress resource too. Refer to https://github.com/nginxinc/kubernetes-ingress/tree/master/examples/complete-example for examples.

Upvotes: 1
