How to specify Proxy Pass in kubernetes

5/3/2019

I have my assets on s3 and my service is deployed on kubernetes. Is it possible to define proxy pass in nginx-ingress. My current nginx proxy_pass assets to s3 and I want to replicate in kubernetes.

location /assets/ {
          proxy_pass https://s3.ap-south-1.amazonaws.com;
   }

I tried this but its not working

nginx.ingress.kubernetes.io/server-snippet: |
      location /assets/ {
              proxy_pass https://s3.ap-south-1.amazonaws.com/assets/;
      }
-- ayush lodhi
kubernetes
nginx
nginx-ingress

2 Answers

2/22/2020

You can use proxy_pass in Ingress as in normal Nginx.

So if you have some local or public HTTP/HTTPS service which is outside of Kubernetes cluster and you want to serve this through Ingress, you just need this:

kind: Ingress
apiVersion: extensions/v1beta1
metadata:
  name: owncloud
  namespace: default
  annotations:
    kubernetes.io/ingress.class: nginx
    ingress.kubernetes.io/ssl-redirect: "true"
    ingress.kubernetes.io/secure-backends: "true"
    ingress.kubernetes.io/force-ssl-redirect: "true"
    nginx.ingress.kubernetes.io/rewrite-target: /
    nginx.ingress.kubernetes.io/server-snippet: |
      location ~ "^/(.*)" {
        proxy_pass http://192.168.250.100:8260;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-Proto https;
      }
spec:
  rules:
  - host: owncloud.example.com
  tls:
  - hosts:
    - owncloud.example.com
    secretName: owncloud-example-tls
  • Remove ssl, secure, X-Forwarded-Proto and tls bits if you don't need HTTPS

  • You can add more location blocks such as ~ "^/api/(.*)" so it works as normal Nginx

  • It will retain domain name so for instance in browser's address bar you will have original one. In case you need to do a full redirect, start experimenting with proxy_set_header Host $host; removal

Hope that helps someone

-- laimison
Source: StackOverflow

5/4/2019

You can try to use service of type ExternalName here like that:

kind: Service
apiVersion: v1
metadata:
  name: s3-ap-south
spec:
  type: ExternalName
  externalName: s3.ap-south-1.amazonaws.com
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: s3-ingress
  annotations:
    kubernetes.io/ingress.class: "nginx"
    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
    nginx.ingress.kubernetes.io/ssl-passthrough: "true"
spec:
  rules:
  - host: YOUR_HOSTNAME
    http:
      paths:
      - backend:
          serviceName: s3-ap-south
          servicePort: 443
-- Vasily Angapov
Source: StackOverflow