K
Q

SSL Passthrough with Nginx

6/27/2018

I have setup a Nginx Ingress to proxy traffic to a Kubernetes cluster I have setup with kubeadm. This seems to be working well.

On the host (where the Master node is setup) I have a number of other services running that are being proxied by another Nginx (publicly facing).

What I want to achieve is route all the traffic to a specific domain (pointing to the cluster) from the first Nginx (facing the public) to the Nginx running in the cluster.

Internet -----> Nginx Public -----> Nginx Ingress -----> Cluster

Nginx Ingress is listening on TLS/SSL traffic.

So I want to passthrough SSL traffic to it via the public Nginx.

I attempted it with the following which didnt seem to work.

upstream cluster {
    server 10.109.70.33:443 max_fails=10 fail_timeout=10s;
}

server {
    listen 80;
    listen [::]:80;

    listen 443;
    listen [::]:443;

    server_name *.dev-new.test.co;

    access_log /var/log/nginx/cluster-access.log;
    error_log  /var/log/nginx/cluster-error.log;

    location / {
        proxy_pass https://cluster;
    }
}
-- nixgadget
kubernetes
nginx
ssl

Similar Questions

How can I share a directory between containers in Kubernetes that originates from a container?
how to manage microservice online?
Is it possible to combine small Kubernetes configurations to a big one
Monitor Calico network policies behavior
livenessProbe seems not to be executed

1 Answer

6/27/2018

You need to add

proxy_set_header Host $host;

in your proxy_pass block. This is needed so the server knows which virtual host you are trying to look into

-- Tarun Lalwani
Source: StackOverflow