I have nginx.conf with following configuration.
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 65;
proxy_send_timeout 65;
proxy_read_timeout 300;
proxy_buffers 4 256k;
proxy_buffer_size 128k;
proxy_busy_buffers_size 256k;
large_client_header_buffers 8 64k;
client_header_buffer_size 64k;
client_max_body_size 1024m;
server {
listen 443 ssl;
server_name server1.com;
ssl_certificate /etc/nginx/ssl/server1.com.crt;
ssl_certificate_key /etc/nginx/ssl/server1.com.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
proxy_ssl_session_reuse on;
proxy_ssl_protocols TLSv1.2;
rewrite_log on;
proxy_cache_bypass $http_cache_control;
proxy_ignore_headers "Set-Cookie";
add_header X-Proxy-Cache $upstream_cache_status;
location / {
location = /robots.txt {
add_header Content-Type text/plain;
return 200 "User-agent: *\nDisallow: /\n";
}
location ~ ^/(files/app) {
proxy_pass http://server1.com:31111;
}
proxy_pass https://server2.com;
}
}
I would like to shift my nginx config to kubernetes ingress-nginx ingress.yml. Is there a way to implement this config using kubernetes Ingress resources?
This is my ingress.yml which ofcourse isnt working and hitting the url https://server1.com/files/app goes into multiple redirections and throwing 502 Bad Gateway in the end.
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.class: nginx
meta.helm.sh/release-name: my-service
meta.helm.sh/release-namespace: default
generation: 1
labels:
app.kubernetes.io/managed-by: Helm
name: my-service
namespace: default
selfLink: /apis/extensions/v1beta1/namespaces/default/ingresses/my-service
spec:
rules:
- host: server1.com
http:
paths:
- backend:
serviceName: my-service
servicePort: 31111
path: /files/app
pathType: ImplementationSpecific
The solution was removing entries from httpd.conf. my service was directly bypassing the request but I had provided these entries in httpd conf as well due to which it was looping internally. As far as ingress rule is concerned. Above configuration worked fine after i removed related rules from httpd.conf.