You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
---
# Source: nginx/templates/ingress.yamlapiVersion: networking.k8s.io/v1kind: Ingressmetadata:
name: release-name-nginxnamespace: "debug"labels:
app.kubernetes.io/instance: release-nameapp.kubernetes.io/managed-by: Helmapp.kubernetes.io/name: nginxapp.kubernetes.io/version: 1.25.5helm.sh/chart: nginx-16.0.6annotations:
cert-manager.io/cluster-issuer: letsencrypt-stagingspec:
ingressClassName: "nginx"rules:
- host: "foo.example.com"http:
paths:
- path: /pathType: ImplementationSpecificbackend:
service:
name: release-name-nginxport:
name: https # 👈 This port seems to be the defaulttls:
- hosts:
- "foo.example.com"secretName: foo.example.com-tls
And since the default backend protocol in Nginx Ingress Controller is HTTP, it cannot use the https port without further configuration of either the application or of the ingress controller. I don't think the bitnami/nginx application need to accommodate every single ingress controller out there, but Nginx is such a common choice that I think this new default setting will be an issue for many users.
This behavior may have been introduced in #20934 but I'm not sure.
I think we should either use http by default or set the nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" annotation when ingress.tls=true is set, so it works "out-of-the-box" for most people. There may be other solutions too, please pitch in.
The text was updated successfully, but these errors were encountered:
I've also wondered that, but I couldn't find any documentation on what the intention was with that condition. It's a rather complex condition, so no wonder if they got it the wrong way around.
Name and Version
bitnami/nginx 16.0.6
What architecture are you using?
None
What steps will reproduce the bug?
bitnami/nginx
chart!)values.yaml
indicated below.helm install www oci://registry-1.docker.io/bitnamicharts/nginx --version 16.0.6 -f values.yaml
Are you using any custom parameters or values?
values.yaml
What is the expected behavior?
I would expect the Nginx web server to start serving requests via my Ingress controller, secured via the TLS certificate provided by cert-manager:
What do you see instead?
Additional information
The reason for the app not serving correctly is that the backend port used by default is
https
:And since the default backend protocol in Nginx Ingress Controller is HTTP, it cannot use the
https
port without further configuration of either the application or of the ingress controller. I don't think the bitnami/nginx application need to accommodate every single ingress controller out there, but Nginx is such a common choice that I think this new default setting will be an issue for many users.This behavior may have been introduced in #20934 but I'm not sure.
I think we should either use
http
by default or set thenginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
annotation wheningress.tls=true
is set, so it works "out-of-the-box" for most people. There may be other solutions too, please pitch in.The text was updated successfully, but these errors were encountered: