Nginx Ingress Controller - Api responding in port 80 and 443
I need my API hosted in AKS to respond in ports 80 and 443. In port 80 because some of my current clients are using port 80 "hardcoded" and their HttpClients do not follow redirects...
my first try was:
apiVersion: v1
kind: Service
metadata:
name: myApp-service
namespace: myAppe-main
labels:
app: myApp-service
spec:
ports:
- port: 80
targetPort: 80
protocol: TCP
name: http
- port: 443
targetPort: 443
protocol: TCP
name: https
selector:
app: myApp-deploy
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: myApp-ingress
namespace: myApp-main
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/backend-protocol: H2C
nginx.ingress.kubernetes.io/secure-backends: 'true'
nginx.ingress.kubernetes.io/ssl-passthrough: 'true'
spec:
rules:
- host: myApp.MyInternalDns.net
http:
paths:
- backend:
service:
name: myApp-service
port:
number: 80
path: /
pathType: Prefix
https:
paths:
- backend:
service:
name: myApp-service
port:
number: 443
path: /
pathType: Prefix
Although AKS accepts this yaml, it chops off the https part of it...
How can I make the ingress open both ports and have it working on http and https?
To set up Nginx Ingress Controller in AKS that responds on both HTTP (port 80) and HTTPS (port 443), and routes traffic correctly to your services, you need to configure both the Ingress resource and the associated service. It looks like there might be a mistake or misconfiguration in your YAML, especially around the https rules under the Ingress specification, which is not a valid field directly under rules.
Ensure that the Nginx Ingress Controller is installed in your AKS cluster. If it's not already installed
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm repo update
helm install nginx-ingress ingress-nginx/ingress-nginx --namespace ingress-basic --create-namespace
Configure your deployment and service
Example (replace with your own deployment file) -
apiVersion: apps/v1
kind: Deployment
metadata:
name: myapp
namespace: default
spec:
selector:
matchLabels:
app: myapp
replicas: 2
template:
metadata:
labels:
app: myapp
spec:
containers:
- name: nginx
image: nginxdemos/hello
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: myapp-service
namespace: default
spec:
selector:
app: myapp
ports:
- port: 80
targetPort: 80
name: http
Now set up Ingress to handle HTTP and HTTPS. Configure Your Ingress Resource accordingly, i.e. you need to define TLS settings for HTTPS support. If your service needs to support HTTPS directly (not just terminating at the ingress), ensure your application inside the pod is configured for HTTPS and listening on port 443. In most cases, you'll terminate SSL at the ingress and forward traffic as HTTP to your pods. Example-
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: myapp-ingress
namespace: default
spec:
ingressClassName: "nginx"
tls:
- hosts:
- "myapp.example.com"
secretName: myapp-tls
rules:
- host: "myapp.example.com"
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: myapp-service
port:
number: 80
If you haven’t created a TLS secret yet and are using a self-signed certificate for testing then
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout myapp.key -out myapp.crt -subj "/CN=myapp.example.com/O=myapp"
kubectl create secret tls myapp-tls --key myapp.key --cert myapp.crt -n default
Done. You can verify as below
kubectl get ingress -n default
References:
- How to simulate DDOS/Slashdotting?
- How can I allow access to a single IP address via Nginx.conf?
- Is there a way to generate a helm install script from a ConfigMap?
- FastAPI with nginx does not serve static files in HTTPS
- NGINX reverse proxy returns HTTP 400 with a invalid header line for my flutter app.Works fine in Postman
- File copied in dockerfile: Not found if in specific location
- CentOS 7 - NGINX - DNS Load Balance
- What is the right way to declare memory resource in AWS ECS task definition for Docker Nginx?
- nginx "server_tokens off" does not remove the server header
- How to correctly run streamlit app with nginx on https?
- nginx in docker 502
- How to parse several log nginx files using goaccess
- Conditional set up of a proxy server on Server A that allows Server B to perform Docker operations through a http proxy
- HTTP to HTTPS Nginx too many redirects
- Permission Denied on Socket File - NGINX + Gunicorn + Flask
- Are location specific logfiles treated different?
- nginx the "ssl" directive is deprecated, use the "listen ... ssl"
- Run Nginx as Windows service
- Unicode special character U+FFFD returning from my Nest.JS API, but only sometimes
- SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
- fatal: repository not found, 404
- Undefined variable $form on remote server
- nginx how to check the value of optional header
- Pm2 process stops running automatically in ubuntu server
- NGINX Ingress Controller Proxying Websocket Connections
- Why is the initial connection time for a HTTP request so long?
- Nginx Error 413 Entity too large on AWS ELB
- Connection Refused Between SSR Next.js and Laravel API
- Kubernetes nginx Ingress rewrite-target results in double slash
- Configure nginx using reverse_proxy and wordgpress for subdirectory /blog