I am having same requirements like metioned in this post - https://tech.holidayextras.com/routing-to-internal-kubernetes-services-using-proxies-and-ingress-controllers-e7eb44954d53
But I am not sure of what is that ipaddresses of backends mentioned there. I assumed it is the ips of my master and worker nodes in my cluster
My kubernetes has master node ip as 10.118.6.35 and worker node ip as 10.118.2.215 which are AWS ec2 instances.
So when I configured like below in my nginx.conf(please refer below), I am getting index.html rendered when I do curl https://10.118.6.35
But when I do https://10.118.6.35/hello-kenzan I am getting nginx error page default 404 page But I expect to route it to my kubernetes services running in NodePort 80:30854
I have followed steps as mentioned in that post. FYI, I am showing the echo-ing.yaml below -
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: echomap
annotations: {
'kubernetes.io/ingress.class': nginx
}
spec:
rules:
- host: ip-10-118-6-35.ec2.internal
http:
paths:
- path: /hello-kenzan
backend:
service and: hello-kenzan
service port: 80And below is nginx.conf -
http {
ssl_certificate ...
....
....
server {
listen 443 SSL;
server_name www.ip-10.118-6-35.ec2.internal.com;
root /usr/share/nginx/html;
ssl_certificate ...
...
...
include /etc/nginx/default.d/*.conf;
location / {
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
upstream backend_nodes {
server 10.118.6.35:31001;
server 10.118.2.215:31001;
}
upstream backend_nodes_ssl {
server 10.118.6.35:32001;
server 10.118.2.215:32001;
}
server {
listen 80;
server_name backends.nodes;
location / {
proxy_pass https://backend_nodes;
}
}
server {
listen 443;
server_name backends.nodes.ssl;
location / {
proxy_pass https://backend_nodes_ssl;
}
}
}
Please suggest what to give for backend node ips
Update
Hey finally made it to work when I try with IP address from browser instead of DNS name -
https://10.118.6.35/hello-kenzan <- this working now https://myservice.myorg.com/hello-kenzan <- this not working by giving nginx error page temporarily unavailable.
But https://myservice.myorg.com <- works by taking to welcome to nginx index page.
This is my modified nginx.conf -
http {
ssl_certificate ...
....
....
server {
listen 80;
server_name ip-10.118-6-35.ec2.internal;
root /usr/share/nginx/html;
include /etc/nginx/default.d/*.conf;
location / {
}
location /hello-kenzan {
proxy_pass https://backend_nodes;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
server {
listen 443 SSL;
server_name ip-10.118-6-35.ec2.internal;
root /usr/share/nginx/html;
ssl_certificate ...
...
...
include /etc/nginx/default.d/*.conf;
location / {
}
location /hello-kenzan {
proxy_pass https://backend_nodes_ssl;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
upstream backend_nodes {
server 10.96.88.237:80
}
upstream backend_nodes_ssl {
server 10.96.88.237:443
}
}
Any thoughts??
while you are trying with master IP and node Ip is absolutely wrong with the approach of nginx ingress controller. when you add the ingress nginx controller it make load balancer behind (if using aws, digital ocean you check that load balacer in console of it).
you have to use the load balancer ip rather then using ip of node and master ip. starting nginx ingress controller
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/mandatory.yaml
for more info visit this if any query add comment :
https://knowihave.blogspot.com/2019/02/how-to-set-up-nginx-ingress-with-cert.html
here at last it's installing cert manager you can remove that part other all thing is easy and simple.