I have a web service running on a port on my local network exposed at port 6003. I also have a Kubernetes Cluster running on a different machine on the same network that uses and Nginx Ingress to proxy to all the services in the cluster. How can I set up an ingress to proxy to the machine? I had a set up that worked. But now, I am either getting DNS errors on the nginx pod or the response times out in the browser and nothing happens.
Here is the manifest I have been using.
apiVersion: v1
kind: Service
metadata:
name: myservice-service
spec:
type: ExternalName
externalName: 192.xxx.xx.x
ports:
- name: myservice
port: 80
protocol: TCP
targetPort: 6003
---
apiVersion: v1
kind: Endpoints
metadata:
name: myservice-ip
subsets:
- addresses:
# list all external ips for this service
- ip: 192.xxx.xx.x
ports:
- name: myservice
port: 6003
protocol: TCP
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: service.example.com
annotations:
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
spec:
rules:
- host: service.example.com
http:
paths:
- backend:
serviceName: myservice-service
servicePort: 80
path: /
tls:
- secretName: secret-prod-tls
hosts:
- service.example.comEdit for more information: This manifest does work. What I realized is that you must specify https even though the ingress has a tls block. This still is showing Lua DNS errors in the Nginx-ingress pod though.
You don't need ExternalName here. Usual headless service will do the job:
apiVersion: v1
kind: Service
metadata:
name: external-ip
spec:
ports:
- name: http
port: 80
clusterIP: None
type: ClusterIP
---
apiVersion: v1
kind: Endpoints
metadata:
name: external-ip
subsets:
- addresses:
- ip: 172.17.0.5
ports:
- name: http
port: 80You MUST specify nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" in your ingress resource if upstream listening for HTTPS requests. So, this is related to backend, not ingress itself. TLS configuration is for Ingress (frontend), and not for backend application.