I have argo cd running in my EKS cluster , and now I want to have DNS name on top so I can access it easily using a domain.
I am able to configure but when I access the url in browser it always goes to https(non secure ) mode. I read couple of same issues here but there are not directly relevant .
Below is an ingress that I have tried
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: argocd
namespace: argocd
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
kubernetes.io/tls-acme: "true"
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
nignx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/ssl-passthrough: "true"
spec:
ingressClassName: nginx
rules:
- host: argocd.example.com
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: argocd-server
port:
number: 443
tls:
- hosts:
- argocd.example.com
secretName: argocd-secret
if I am trying to remove the annotation nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" then I get a different error which is related redirection in loop.
I am not sure what else I need to add to the ingress here so it can route to https rather of http
nginx.ingress.kubernetes.io/ssl-passthrough works on TCP level and not on HTTP level. Therefore, nignx.ingress.kubernetes.io/force-ssl-redirect should be invalidated by the ssl-passthrough annotation.
Check for more info: https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md#ssl-passthrough
Try removing the ssl-passthrough annotation and it should work as expected.