Created
January 15, 2020 09:52
-
-
Save amitlt/3bf812f8385b1bed10e64a7d288ffcb2 to your computer and use it in GitHub Desktop.
Kubernetes nginx ingress ssl redirect behind SSL termination LB
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| annotations: | |
| # Since the SSL term happens at the LB level, nginx will always receive HTTP traffic, which will always cause 'force-ssl-redirect' to loop and the browser to get a 'too many redirects' error. | |
| # What we need to check in order to remedy this is which protocol the LB receives traffic in, HTTP or HTTPS, we do this by checking the header 'X-Forwarded-Proto', if it's HTTP, we redirect the client to the current URL ($host$request_uri), but with an added 'https://' prefix | |
| nginx.ingress.kubernetes.io/configuration-snippet: | | |
| if ($http_x_forwarded_proto = 'http'){ | |
| return 301 https://$host$request_uri; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment