My environment is hosted in AWS.
I had deployed the helm chart stable/nginx-ingress
in TCP mode (I need an AWS ELB in TCP mode for WebSocket. I need exactly ELB classic!), also I need to use AWS ACM certificate and my backend without it. So, it should be like:
TCP:80 -> TCP:30452 (Kubernetes)
SSL(TCP):443 -> TCP:31453 (Kubernetes)
My "nginx-ingress" is:
controller:
name: controller
image:
repository: quay.io/kubernetes-ingress-controller/nginx-ingress-controller
tag: "0.27.0"
pullPolicy: IfNotPresent
# www-data -> uid 101
runAsUser: 101
allowPrivilegeEscalation: true
# Configures the ports the nginx-controller listens on
containerPort:
http: 80
https: 80
# Will add custom configuration options to Nginx https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/
config:
allow-backend-server-header: "true"
use-proxy-protocol: "true"
server-tokens: "false"
use-forwarded-headers: "true"
ssl-redirect: "true"
http-redirect-code: "301"
proxy_redirect: "off"
ingressClass: websocket
service:
enabled: true
annotations:
# Enable PROXY protocol
service.beta.kubernetes.io/aws-load-balancer-proxy-protocol: '*'
service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: '120'
# SSL
service.beta.kubernetes.io/aws-load-balancer-ssl-cert: "arn:aws:acm:us-west-1:123123123123:certificate/123123123123123123123"
service.beta.kubernetes.io/aws-load-balancer-ssl-ports: 'https'
service.beta.kubernetes.io/aws-load-balancer-backend-protocol: 'tcp'
ports:
http: 80
https: 443
targetPorts:
http: http
https: http
type: LoadBalancer
nodePorts:
http: ""
https: ""
tcp: {}
udp: {}
My INGRESS configuration for service:
ingress:
enabled: true
annotations:
kubernetes.io/ingress.class: websocket
hosts:
- host: example.com
paths:
- /
How can I set up a redirect from HTTP to HTTPS?
When I use nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
in ingress, I get redirect loop :(