TLS in Ingress setup timeout

5/27/2019

I deployed a basic service in my kubernetes cluster. I handle routing using this Ingress:

---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: owncloud
spec:
  rules:
    - host: example.com
      http:
        paths:
          - backend:
              serviceName: owncloud
              servicePort: 80

I generated a kubernetes secret in default namespace using a generated key and certificate. I named it example-tls and add it to the Ingress config under spec:

tls:
- secretName: example-tls
  hosts: 
    - example.com  

When I GET the service using https (curl -k https://example.com), it times out:

curl: (7) Failed to connect to example.com port 443: Connection timed out

It works using http.

What's possibly wrong here?

Here is the describe output of the concerned ingress:

Name:             owncloud
Namespace:        default
Address:
Default backend:  default-http-backend:80 (<none>)
Rules:
  Host                      Path  Backends
  ----                      ----  --------
  example.com
                               owncloud:80 (10.40.0.4:80)
Annotations:
  kubectl.kubernetes.io/last-applied-configuration:  {"apiVersion":"extensions/v1beta1","kind":"Ingress","metadata":{"annotations":{},"name":"owncloud","namespace":"default"},"spec":{"rules":[{"host":"example.com","http":{"paths":[{"backend":{"serviceName":"owncloud","servicePort":80}}]}}]}}

Events:  <none>

My Ingress Controller service:

$ kubectl describe service traefik-ingress-service -n kube-system

Name:                     traefik-ingress-service
Namespace:                kube-system
Labels:                   <none>
Annotations:              kubectl.kubernetes.io/last-applied-configuration:
                            {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"traefik-ingress-service","namespace":"kube-system"},"spec":{"port...
Selector:                 k8s-app=traefik-ingress-lb
Type:                     NodePort
IP:                       10.100.230.143
Port:                     web  80/TCP
TargetPort:               80/TCP
NodePort:                 web  32001/TCP
Endpoints:                10.46.0.1:80
Port:                     admin  8080/TCP
TargetPort:               8080/TCP
NodePort:                 admin  30480/TCP
Endpoints:                10.46.0.1:8080
Session Affinity:         None
External Traffic Policy:  Cluster
Events:                   <none>
-- Baptiste Arnaud
kubernetes
kubernetes-ingress
nginx-ingress
traefik-ingress

0 Answers