-
Notifications
You must be signed in to change notification settings - Fork 467
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Documentation suggestion: Setting up an Ingress with TLS enabled #1642
Comments
Thank you for your contribution! This issue has been automatically marked as |
Hi @ameyp, thank you for sharing the solution you found! We would be grateful if you could add this information to the Tips and tricks section of our docs page! |
Thank you for your contribution! This issue has been automatically marked as |
Is your feature request related to a problem? Please describe.
The default
cr-*.yaml
files set up an Ingress that doesn't seem to work. There's no host matching, and with a traefik ingress controller I couldn't figure out how to access the Vault UI. I tried creating an Ingress for it the same way I have for other services, buthttps
wouldn't work. Here's the YAML I used:The Ingress was created, but visiting it in my browser would just give me an error:
I couldn't figure out what was going wrong, and after searching for that error and trying solutions in vain, I happened upon the answer while reading https://kubernetes.io/docs/concepts/services-networking/ingress/:
That helped me realize that Traefik was terminating my TLS traffic, and attempting to send regular HTTP traffic to the vault service, hence the error. I then created the following ingress with TLS passthrough, and it worked:
Describe the solution you'd like
If this is valuable information, I'd like to see it added to the documentation to help others in the future. I'm happy to send a PR for the documentation update if you tell me which section I should add it to.
Describe alternatives you've considered
Not having TLS enabled, which doesn't seem like a very good alternative
Additional context
Add any other context or screenshots about the feature request here.
The text was updated successfully, but these errors were encountered: