How to use https when sending trafic to pods

Hello,

I have a problem with one of our microservices, the application running on pod and reachable via https://, but when I use Ingress i see in the kong proxy logs the upstream something like that

2020/09/16 09:19:50 [error] 22#0: *4915538 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 10.0.3.99, server: kong, request: “GET /service HTTP/2.0”, upstream: http:// 172.0.26.50:443/

This is my ingress configuration

apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: service
namespace: dev
annotations:
konghq.com/strip-path: “true”
konghq.com/protocol: “https”
ingress.kubernetes.io/service-upstream: “true”
ingress.kubernetes.io/ssl-passthrough: “true”
spec:
rules:
- host: domain .com
http:
paths:
- path: /service
backend:
serviceName: service
servicePort: 443

Do you see the same issue if you move the protocol annotation onto your Service?

There are, somewhat confusingly, two similarly-named annotations in this area, protocol (singular) for Services, which corresponds to the protocol setting on Kong services, and protocols (plural) for Ingresses, which corresponds to the protocols setting on Kong routes.

The similar naming is because these address the same concept on different sides of the connection: protocol controls whether the Kong proxy uses HTTP or HTTPS when communicating with the upstream service, and protocols controls whether clients can use HTTP and/or HTTPS when connecting to the Kong proxy.

In your case, you need the former, and it must be present on the Service referenced by the Ingress (backend.serviceName: service) rather than the Ingress itself.

1 Like

Thanks for your help, it works


© 2019 Kong Inc.    Terms  •  Privacy  •  FAQ