New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ssl-passthrough annotation not affecting routes #6722
Comments
@eg7eg7 I cannot reproduce this issue Create a Kubernetes cluster using kind and install ingress-nginx: https://kind.sigs.k8s.io/docs/user/ingress/#ingress-nginx Patch ingress-nginx deployment to add ssl-passthrough flag: kubectl patch deployment \
ingress-nginx-controller \
--namespace ingress-nginx \
--type='json' \
-p='[{"op": "add", "path": "/spec/template/spec/containers/0/args/-", "value": "--enable-ssl-passthrough"}]'
Create ingress, service, and deployment:
Check ssl-passthrough is enabled: kubectl exec -n ingress-nginx ingress-nginx-controller-bf59cd-dfjqk -- cat nginx.conf | grep is_ssl
is_ssl_passthrough_enabled = true, Using helm: helm install nginx ingress-nginx/ingress-nginx \
--set "controller.extraArgs.enable-ssl-passthrough=true"
....
kubectl exec nginx-ingress-nginx-controller-696fbfb447-vrnlw -- cat nginx.conf|grep is_ssl
is_ssl_passthrough_enabled = true, |
I just ran my cluster on kind as you mentioned, started the cluster with Helm but with a different name, which seems to be necassary in order for the krew ingress-nginx plugin to work
changed nginx to ingress-nginx
However, when running:
sshPassthrough is still false I just found a user who had a very similar problem to mine in stackoverflow |
@eg7eg7 this could be an issue with the krew plugin. Please run If that returns something like
ssl-passthrough is enabled and configured. |
it seems to be configured exactly like you wrote. |
@eg7eg7 not sure I understand what you mean by that. Using |
Does it seem the application only has one port?
please post the output of |
$ kubectl get service admin
$ kubectl get ep admin
Yes, the app is listening only in 3000 within the container |
The screenshot you posted uses the port |
Yes, my pc crashed just before my post which may explain it |
So I tried moving my cluster to aws (kubernetes version 1.18) and the ssl passthrough worked! the minikube version I was using where it didn't work was v1.15.1 with kubernetes v1.19.4, another user on StackOverflow tried to replicate my issue and confirmed it didn't work for him as well. Thanks a lot for your help @aledbf ! |
I got an same issue ! Is there any solution on minikube ? |
Issues go stale after 90d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-contributor-experience at kubernetes/community. |
Stale issues rot after 30d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-contributor-experience at kubernetes/community. |
Rotten issues close after 30d of inactivity. Send feedback to sig-contributor-experience at kubernetes/community. |
@k8s-triage-robot: Closing this issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
My observation is consistent with your speculation that it's probably a bug in the krew plugin $ kubectl ingress-nginx backends --deployment ingress-nginx-private-controller -n ingress-nginx-private | grep sslPassthrough
"sslPassthrough": false,
"sslPassthrough": false,
"sslPassthrough": false, But the real
|
Hi, I'm currently moving my application into kubernetes using Helm, and ingress-nginx chart version 3.18.0 as my controller.
This helm chart's values for the controller image are (didn't change it):
accessing the service via NodePort works perfectly, but when using Ingress the TLS is not recognized, so I need the TLS to be terminated at the application, and my trusted cert to be passed to the application as well.
I added the flag --enable-ssl-passthrough to the controller to enable it but it still doesn't work
These are my configurations (after helm generation)
ingress.yaml
service.yaml
deployment.yaml
generated nginx.conf
nginx.conf (PasteBin)
In this file it shows that enabling SSL passthrough worked -
is_ssl_passthrough_enabled = true
However, I am also using the krew plugin for ingress-nginx for debugging
and running the following command yields:
$ kubectl ingress-nginx backends
It says that
"sslPassthrough": false
even though I used the passthrough annotation in the ingressIs there something that I am missing or is this a bug?
Thanks a lot, Eden
The text was updated successfully, but these errors were encountered: