using NGINX ingress with https not on 443

Question

How do you use an NGINX ingress controller to route to an app using SSL that is not running on 443? I found this post which seems to say it's not possible.

Deployment:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: test-deployment
spec:
  selector:
    matchLabels:
      app: foo
  replicas: 2 
  template:
    metadata:
      labels:
        app: foo
    spec:
      containers:
      - name: foo
        image: bar
        ports:
        - containerPort: 3000

Trying:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: foo-ingress
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
spec:
  rules:
  - host: foo.com
  - http:
      paths:
      - path: /
        backend:
          serviceName: foo
          servicePort: 3000

Answer 1

NginX Ingress Controller is a Layer 7 technology, it does host based (Layer 7) routing and not on ports (Layer 4). So, your clients are expected to connect using standard port 80/443.

So, your clients will simply connect to the https://example.com (port 443) and kubernetes ingress controller will redirect it to your https service on port 3000.

However, since your service is ssl enabled, you will have to use the proper annotations

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: foo-ingress
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
    nginx.ingress.kubernetes.io/ssl-passthrough: "true"
spec:
rules:
- host: example.com
  http:
    paths:
    - backend:
        serviceName: foo
        servicePort: 3000