I have an nginx-ingress and ELB with TCP:
I need TCP balancing because I use WebSocket.
nginx-ingress service annotations:
service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp
service.beta.kubernetes.io/aws-load-balancer-connection-draining-enabled: "true"
service.beta.kubernetes.io/aws-load-balancer-connection-draining-timeout: "60"
service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: "3600"
service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: "true"
service.beta.kubernetes.io/aws-load-balancer-proxy-protocol: '*'
service.beta.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:iam::<certificate arn>
service.beta.kubernetes.io/aws-load-balancer-ssl-negotiation-policy: ELBSecurityPolicy-TLS-1-2-2017-01
service.beta.kubernetes.io/aws-load-balancer-ssl-ports: https
I want to redirect all http to https. But if I set nginx.ingress.kubernetes.io/force-ssl-redirect: "true" in annotations I would get redirect loop (TOO_MANY_REDIRECTS).
How to redirect clients to HTTPS with enabled proxy-protocol?