- Setup: Azure AKS with application gateway ingress, annotated with
ssl-redirect=true - Problem: Root path doesn't get redirected to HTTPS.
Here's my ingress.yml:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: my-ingress
annotations:
kubernetes.io/ingress.class: azure/application-gateway
appgw.ingress.kubernetes.io/backend-path-prefix: /
appgw.ingress.kubernetes.io/ssl-redirect: "true"
spec:
tls:
- hosts:
- my.company.com
secretName: my
rules:
- host: my.company.com
http:
paths:
- path: /*
backend:
serviceName: my-gui-svc
servicePort: 80
- path: /svc1/*
backend:
serviceName: my-svc1-svc
servicePort: 80
- path: /svc2/*
backend:
serviceName: my-svc2-svc
servicePort: 80
Here's the resonse from curl on one of the non-root routes:
C:\>curl http://my.company.com/svc1/
<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>Microsoft-Azure-Application-Gateway/v2</center>
</body>
</html>
And here it is for the root rule:
C:\>curl http://my.company.com/foo
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8">
...
I also tried playing with the order in which the rules are listed, putting the root path at the end for example, but it didn't make a difference.
This is the result of kubectl describe ingress:
C:\>kubectl describe ingress
Name: my-ingress
Namespace: default
Address:
Default backend: default-http-backend:80 (<none>)
TLS:
my terminates my.company.com
Rules:
Host Path Backends
---- ---- --------
my.company.com
/* my-gui-svc:80 (10.0.0.28:80)
/svc1/* my-svc1-svc:80 (10.0.0.61:80)
/svc2/* my-svc2-svc:80 (10.0.0.77:80)
Annotations:
appgw.ingress.kubernetes.io/backend-path-prefix: /
appgw.ingress.kubernetes.io/ssl-redirect: true
kubectl.kubernetes.io/last-applied-configuration: {"apiV...
kubernetes.io/ingress.class: azure/application-gateway
Events: <none>
Also, when I examine the rules in the Azure portal, this is what I see:
(name/site strings in the picture have been modified for security)
What am I doing wrong?
