I have referred to the following discussion feat(router) allow TLS passthrough in stream router by fffonion · Pull Request #6757 · Kong/kong · GitHub
It seems that support for tls passthrough has been added in Kong gateway, but I am not able to get it to work in kong-ingress-controller
Kong helm chart version : kong-2.13.1
App version: 3.0
here is my manifest
kind: Service
apiVersion: v1
metadata:
name: example-service
annotations:
ingress.kubernetes.io/service-upstream: "true"
spec:
ports:
- protocol: TCP
port: 443
type: ExternalName
externalName: www.example.com
---
apiVersion: configuration.konghq.com/v1beta1
kind: TCPIngress
metadata:
name: tls-passthru
annotations:
kubernetes.io/ingress.class: kong
spec:
rules:
- host: www.example.com
port: 9443
backend:
serviceName: example-service
servicePort: 443
I am making https request
curl -v --header 'Host: www.example.com' https://$KONG-IP:9443/
the kong seems to be trying to terminate tls before forwarding the stream to the service. What am I missing in the config