I've got a K8s ingress and one http and one https backend.
browser -> https -> ingress -> http -> sonarqube
browser -> https -> ingress -> https -> unifi controller
If I'm using this config:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/proxy-body-size: '0'
name: ingress-test
spec:
rules:
- host: sonar.app.singel.home
http:
paths:
- backend:
service:
name: sonar-service
port:
number: 9000
path: /
pathType: Prefix
- host: unifi.app.singel.home
http:
paths:
- backend:
service:
name: unifi-controller
port:
number: 8443
path: /
pathType: Prefix
Then the http backend will work (sonarQube), and the https backend will not. Now if I add the annotation:
nginx.ingress.kubernetes.io/backend-protocol: HTTPS
Then the https backend will work (unifi controller), and the http backend will not.
I guess I want the annotation to only apply to one of the rules, but I'm not sure this is possible?
My assumption was that you can have only one ingress config. But you can have multiple. So the solution is to create two configs and load these, each with their own annotation. Like so:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/backend-protocol: HTTPS
name: ingress-1
spec:
rules:
- host: unifi.app.singel.home
http:
paths:
- backend:
service:
name: unifi-controller
port:
number: 8443
path: /
pathType: Prefix
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/proxy-body-size: '0'
name: ingress-2
spec:
rules:
- host: sonar.app.singel.home
http:
paths:
- backend:
service:
name: sonar-service
port:
number: 9000
path: /
pathType: Prefix
You can use the tls
as said in k8s doc
For ex:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/proxy-body-size: '0'
name: ingress-test
spec:
tls:
- hosts:
- sonar.app.singel.home
secretName: test-tls
rules:
- host: sonar.app.singel.home
http:
paths:
- backend:
service:
name: sonar-service
port:
number: 9000
path: /
pathType: Prefix