Ingress ignoring Global IP when making it https only

Question

Create an External Ingress for a service like the one below.

Everything gets created but without the behavior I expect.

Global IP is not used, another one is used instead
HTTP is still enabled

apiVersion: "extensions/v1beta1"
kind: "Ingress"
metadata:
  annotations:
    kubernetes.io/ingress.allow-http: false
    kubernetes.io/ingress.global-static-ip-name: "my-ingress-ip"
  labels:
    app.kubernetes.io/instance: "my-service-api"
    app.kubernetes.io/managed-by: "pulumi"
    app.kubernetes.io/name: "my-service-api"
    app.kubernetes.io/version: "1.0.0-service"
    helm.sh/chart: "service-0.1.0"
  name: "my-service-api-proxy"
  namespace: "load-test"
spec:
  backend:
    serviceName: "my-service-api-proxy"
    servicePort: 80
  tls:
    - secretName: "my-tls-secret-cert"

As soon as I remove the kubernetes.io/ingress.allow-http annotation, the ingress picks up my global IP.

Has anyone ran into this issue when creating an Ingress with a global IP and HTTPS only access?

GKE version: 1.18.16-gke.2100

Node Config:

Kernel version 5.4.89+

OS image Container-Optimized OS from Google

Container runtime version docker://19.3.14

kubelet version v1.18.16-gke.2100

kube-proxy version v1.18.16-gke.2100

Ingress ignoring Global IP when making it https only

Answers (1)

Related Questions