Ingress Nginx Proxy to Outside Website (Webflow hosted)

1/27/2021

I have an EKS cluster, and a separate website built on (and hosted by) Webflow.

The cluster is behind cluster.com and the website website.webflow.io

What I would like to achieve is to proxy requests coming to cluster.com/website to website.webflow.io

Based on my research, this problem could/might be solved with the ExternalName service. Unfortunately, it doesn't solve it for me, and it's trying to do a DNS lookup within the cluster. I tried various other configurations with Endpoints as well. The ExternalName seems the most promising of everything I tried that's why I'm attaching the configuration below.

Here is what my configuration looks like:

---
kind: Service
apiVersion: v1
metadata:
  namespace: development
  name: external-service
spec:
  type: ExternalName
  externalName: website.webflow.io
  ports:
    - port: 443
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  namespace: development
  name: external-ingress
  annotations:
    ingress.kubernetes.io/preserve-host: "false"
    ingress.kubernetes.io/secure-backends: "true"
    ingress.kubernetes.io/upstream-vhost: "website.webflow.io"
    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
    nginx.ingress.kubernetes.io/server-snippet: |
      proxy_ssl_name website.webflow.io;
      proxy_ssl_server_name on;
spec:
  rules:
  - host: cluster.com
    http:
      paths:
      - path: /website
        backend:
          serviceName: external-service
          servicePort: 443

Is there a straight-forward way to achieve this? What stands out as wrong in the configuration?

-- Andrei Gaspar
amazon-eks
kubernetes
nginx
nginx-ingress

1 Answer

1/28/2021

Here is what I did.

I applied your config but changed the following annotation name:

ingress.kubernetes.io/upstream-vhost: "website.webflow.io"

To the one I have found in the nginx ingress docs:

nginx.ingress.kubernetes.io/upstream-vhost: "website.webflow.io"
^^^^^^

Try it and let me know if it solves it.

EDIT: here is a complete yaml I used:

---
kind: Service
apiVersion: v1
metadata:
  name: external-service
spec:
  type: ExternalName
  externalName: website.webflow.io
  ports:
    - port: 443

---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: external-ingress
  annotations:
    ingress.kubernetes.io/preserve-host: "false"
    ingress.kubernetes.io/secure-backends: "true"
    nginx.ingress.kubernetes.io/upstream-vhost: "website.webflow.io"
    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
    nginx.ingress.kubernetes.io/server-snippet: |
      proxy_ssl_name website.webflow.io;
      proxy_ssl_server_name on;
spec:
  rules:
  - host: cluster.com
    http:
      paths:
      - path: /website
        backend:
          serviceName: external-service
          servicePort: 443
-- Matt
Source: StackOverflow