Giter Club home page Giter Club logo

Comments (10)

pasztorl avatar pasztorl commented on June 21, 2024 2

@ocdi yes, that is a solution, but.. the problem is that the sent out response use: https://xxx:443 and because of this the redirect location and the access log contains the :443 string. What I want to achieve that if a request goes to ingress to http://xxx the ingress send out the location with https and without port number like this: https://xxx

from kubernetes-ingress.

ivanmatmati avatar ivanmatmati commented on June 21, 2024 2

Hi @pasztorl , we'll discuss the need you expressed with the team.

from kubernetes-ingress.

ivanmatmati avatar ivanmatmati commented on June 21, 2024

Hi @pasztorl , We provide the ssl-redirect to redirect to ssl and ssl-redirect-port in case you need to redefine the port because of a different port like you explained. We redirect by default to the container port because it would be strange that with a direct access to haproxy from the cluster you would have to redefine the port because we would redirect to a non existing port. While if you have haproxy behind any middleware with a different port, it makes sense to adjust the redirection port in this case.

from kubernetes-ingress.

pasztorl avatar pasztorl commented on June 21, 2024

Hi @ivanmatmati , I understand it, and i think this option is important, but there is a way not to add :443 if the port is default https? I also forward the logs to a logdb and this case I have entries to example.com and example.com:443 from the redirects. Of course I can rewrite the log entry and delete the :443 but it would be better that the location sent out not contains the :443. There is a chance to configure that via haproxy?

from kubernetes-ingress.

ocdi avatar ocdi commented on June 21, 2024

This seems plain wrong to me. I shelled into the container and looked at the config, and I can see this line.

/etc/haproxy $ cat haproxy.cfg|grep 8443
  http-request redirect location https://%[hdr(host),field(1,:)]:8443%[capture.req.uri] code 302 if { var(txn.path_match) -m dom 92afcf7456e1a884dd198b1f8bfb6f63 }

I recently upgraded and are getting customer reports of this issue. This is standard web traffic, the redirect is going over the wire, outside the cluster. The controller has a load balancer service that is running on port 443, that internally goes to the 8443 port.

from kubernetes-ingress.

ocdi avatar ocdi commented on June 21, 2024

I was able to solve this by applying the port override to the helm chart.

name: controller.config.ssl-redirect-port
value: '443'

from kubernetes-ingress.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.