
Kubernetes Ingress Routing HTTP with Kestrel


Service and deployment look correct, but I can see some issues with ingress.

When using ssl-passthrough, path-based routing doesn't work, so you can skip it.

Also, there is a typo in your config:

    - host: a.b.com
    -  http:    # <- HERE

There shouldn't be the second dash.

Here is how it should look:

    spec:
      rules:
      - host: a.b.com
        http:
          paths:

Additionally, have a look at what the nginx ingress docs have to say about ssl-passthrough:

SSL Passthrough

The --enable-ssl-passthrough flag enables the SSLPassthrough feature, which is disabled by default. This is required to enable passthrough backends in Ingress objects.

Warning

This feature is implemented by intercepting all traffic on the configured HTTPS port (default: 443) and handing it over to a local TCP proxy. This bypasses NGINX completely and introduces a non-negligible performance penalty.

SSL Passthrough leverages SNI and reads the virtual domain from the TLS negotiation, which requires compatible clients. After a connection has been accepted by the TLS listener, it is handled by the controller itself and piped back and forth between the backend and the client.

If there is no hostname matching the requested host name, the request is handed over to NGINX on the configured passthrough proxy port (default: 442), which proxies the request to the default backend.


There is also this in the docs:

SSL Passthrough

nginx.ingress.kubernetes.io/ssl-passthrough instructs the controller to send TLS connections directly to the backend instead of letting NGINX decrypt the communication. See also TLS/HTTPS in the User guide.

Note

SSL Passthrough is disabled by default and requires starting the controller with the --enable-ssl-passthrough flag.

Attention

Because SSL Passthrough works on layer 4 of the OSI model (TCP) and not on the layer 7 (HTTP), using SSL Passthrough invalidates all the other annotations set on an Ingress object.


So, according to the docs, in order for it to work you need to enable the ssl-passthrough feature first. After this is done, you can use the ssl-passthrough annotation, but this invalidates all the other annotations and path-based routing stops working.
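
An added example, not part of the original answer or the ingress-nginx project: a small Python check that audits an Ingress object (as returned by `kubectl get ingress -o json`) for settings that stop applying once ssl-passthrough is on, which matters when one of the ignored annotations is an access control. The function name `audit_ingress`, the finding wording and the sample manifest are assumptions made for illustration.

```python
import json

PREFIX = "nginx.ingress.kubernetes.io/"
PASSTHROUGH = PREFIX + "ssl-passthrough"  # annotation quoted from the docs above


def audit_ingress(ingress):
    """Return findings for one Ingress dict that has ssl-passthrough enabled."""
    annotations = ingress.get("metadata", {}).get("annotations") or {}
    if str(annotations.get(PASSTHROUGH, "")).lower() != "true":
        return []  # passthrough not requested, nothing to report
    findings = []
    # Passthrough works at layer 4, so every other controller annotation
    # on this object is invalidated (source-range allow-lists included).
    for key in sorted(annotations):
        if key.startswith(PREFIX) and key != PASSTHROUGH:
            findings.append(f"annotation ignored under passthrough: {key}")
    for rule in ingress.get("spec", {}).get("rules") or []:
        host = rule.get("host")
        if not host:
            # The TCP proxy selects a backend from the SNI host name only.
            findings.append("rule without host: passthrough matches on SNI only")
        for entry in (rule.get("http") or {}).get("paths") or []:
            path = entry.get("path", "/")
            if path not in ("", "/"):
                # The HTTP path is inside the encrypted stream, never seen.
                findings.append(
                    f"path not routable under passthrough: {host or '*'}{path}")
    return findings


# Constructed sample manifest (hypothetical names and values).
SAMPLE = json.loads("""
{
  "metadata": {"name": "kestrel", "annotations": {
    "nginx.ingress.kubernetes.io/ssl-passthrough": "true",
    "nginx.ingress.kubernetes.io/whitelist-source-range": "10.0.0.0/8"}},
  "spec": {"rules": [{"host": "a.b.com", "http": {"paths": [
    {"path": "/", "pathType": "Prefix"},
    {"path": "/api", "pathType": "Prefix"}]}}]}
}
""")

if __name__ == "__main__":
    for finding in audit_ingress(SAMPLE):
        print(finding)
```
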