Kubernetes TLS ingress domain response 404

8/3/2018

I created an ingress tls rule inside a GKE cluster which uses an nginx controller which uses an invalid certificate for testing purposes.

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: backend
  namespace: staging
spec:
  rules:
  - host: app.staging.xx.xx.xx.xx.nip.io
    http:
      paths:
      - backend:
          serviceName: backend
          servicePort: 8000
        path: /
  tls:
  - hosts:
    - app.staging.xx.xx.xx.xx.nip.io
    secretName: tls-keys

The referenced Secret

apiVersion: v1
data:
  tls.crt: base64 encoded key
  tls.key: base64 encoded key
kind: Secret
metadata:
  name: tls-keys
  namespace: staging
type: kubernetes.io/tls

The backend service for my pods

apiVersion: v1
kind: Service
metadata:
  labels:
    app: backend
  name: backend
  namespace: staging
spec:
  clusterIP: 10.63.255.180
  ports:
  - port: 8000
    protocol: TCP
    targetPort: 8000
  selector:
    app: backend

When I access the page https://app.staging.xx.xx.xx.xx.nip.io the page suspiciously shows me the invalid Kubernetes Ingress Controller Fake Certificate instead of my custom invalid certificate.

Continuing with the security exception I get the default backend - 404

Why does my website not show up?

Is there are way to get more information why this is happening?

-- Roderick Jonsson
kubernetes
kubernetes-ingress
ssl-certificate

0 Answers