I'm running a .NET 5 API application on Kubernetes as well as Identity Server in separate pods on my laptop using Docker Desktop. Both applications are made available for consumers using the nginx ingress controller. When I call the ingress in the browser from outside of the cluster, it works well. Also, when I run the API from Visual Studio, the connection to Identity Server via the ingress is successful.
But when I deploy the API to Kubernetes, the pod that runs the API can't connect to the ingress. The API uses the ingress to call Identity Server because it has to happen over https. SSL is terminated by the ingress and forwarding traffic to the pods over http. The ingress address to IdentityServer is https://k8s-local.com/identityserver. From the API pod, the DNS is known; when I execute a ping, it goes ok. When I perform a curl command to this address from the pod, I'm getting a Connection Refused error:
curl: (7) Failed to connect to k8s-local.com port 443: Connection refused
How do I make the ingress DNS available to the pods?
This is what my ingress.yml looks like:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: my-ingress
spec:
tls:
- hosts:
- k8s-local.com
secretName: local-tls
rules:
- host: k8s-local.com
http:
paths:
- pathType: Prefix
path: /identityserver/
backend:
service:
name: identityserver-service
port:
number: 5000
- pathType: Prefix
path: /customer-api/
backend:
service:
name: customer-api-service
port:
number: 5000
This is what I get when I run kubectl get services -n ingress-nginx
:
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx-controller LoadBalancer 10.109.3.50 localhost 80:31964/TCP,443:32210/TCP 11d
ingress-nginx-controller-admission ClusterIP 10.105.158.51 <none> 443/TCP 11d
And kubectl get ingress
:
NAME CLASS HOSTS ADDRESS PORTS AGE
my-ingress <none> k8s-local.com localhost 80, 443 6d11h