I have an EKS cluster, and a separate website built on (and hosted by) Webflow.
The cluster is behind cluster.com
and the website website.webflow.io
What I would like to achieve is to proxy requests coming to cluster.com/website
to website.webflow.io
Based on my research, this problem could/might be solved with the ExternalName service. Unfortunately, it doesn't solve it for me, and it's trying to do a DNS lookup within the cluster. I tried various other configurations with Endpoints as well. The ExternalName seems the most promising of everything I tried that's why I'm attaching the configuration below.
Here is what my configuration looks like:
---
kind: Service
apiVersion: v1
metadata:
namespace: development
name: external-service
spec:
type: ExternalName
externalName: website.webflow.io
ports:
- port: 443
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
namespace: development
name: external-ingress
annotations:
ingress.kubernetes.io/preserve-host: "false"
ingress.kubernetes.io/secure-backends: "true"
ingress.kubernetes.io/upstream-vhost: "website.webflow.io"
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
nginx.ingress.kubernetes.io/server-snippet: |
proxy_ssl_name website.webflow.io;
proxy_ssl_server_name on;
spec:
rules:
- host: cluster.com
http:
paths:
- path: /website
backend:
serviceName: external-service
servicePort: 443
Is there a straight-forward way to achieve this? What stands out as wrong in the configuration?
Here is what I did.
I applied your config but changed the following annotation name:
ingress.kubernetes.io/upstream-vhost: "website.webflow.io"
To the one I have found in the nginx ingress docs:
nginx.ingress.kubernetes.io/upstream-vhost: "website.webflow.io"
^^^^^^
Try it and let me know if it solves it.
EDIT: here is a complete yaml I used:
---
kind: Service
apiVersion: v1
metadata:
name: external-service
spec:
type: ExternalName
externalName: website.webflow.io
ports:
- port: 443
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: external-ingress
annotations:
ingress.kubernetes.io/preserve-host: "false"
ingress.kubernetes.io/secure-backends: "true"
nginx.ingress.kubernetes.io/upstream-vhost: "website.webflow.io"
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
nginx.ingress.kubernetes.io/server-snippet: |
proxy_ssl_name website.webflow.io;
proxy_ssl_server_name on;
spec:
rules:
- host: cluster.com
http:
paths:
- path: /website
backend:
serviceName: external-service
servicePort: 443