Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Disable SSL redirect for Kubernetes NGINX ingress

An SSL redirect is enabled by default in a Kubernetes NGINX ingress. How can this be disabled? Current implementation below:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: project_name-ingress
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
spec:
  rules:
  - http:
      paths:
      - path: /
        backend:
          serviceName: project_name
          servicePort: 80
like image 686
Will Squire Avatar asked Apr 29 '18 14:04

Will Squire


People also ask

How do you stop nginx Kubernetes ingress?

Sometimes we need to disable the Kubernetes Ingress. For instance, by default the controller redirects (308) to HTTPS if TLS is enabled for that ingress. If we want to disable this behavior globally, we can use ssl-redirect: “false” in the NGINX.

How do I fix Kubernetes ingress controller fake certificate?

Solution: Kubernetes Ingress Controller fake certificate is returned by the NGINX ingress controller. You can configure --default-ssl-certificate in daemonset nginx-ingress-controller to replace "Kubernetes Ingress Controller Fake Certificate”.

What is SSL termination in ingress?

SSL termination refers to the process of decrypting encrypted traffic before passing it along to a web server.


1 Answers

Adding nginx.ingress.kubernetes.io/ssl-redirect: "false" to annotations will disable the SSL redirect:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: project_name-ingress
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
    nginx.ingress.kubernetes.io/ssl-redirect: "false"
spec:
  rules:
  - http:
      paths:
      - path: /
        backend:
          serviceName: project_name
          servicePort: 80

Note that false is wrapped in quotation marks. I found it didn't work without this string casting.

like image 84
Will Squire Avatar answered Sep 28 '22 03:09

Will Squire