Hi Team I have deployed rancher behind internal AWS network Rancher Users #general

Hi Team, I have deployed rancher behind internal A...

stale-dinner-99388

10/09/2023, 4:59 AM

Hi Team, I have deployed rancher behind internal AWS network load balancer and accessing via VPN. I have tried to attach SSL Certificate to it but got

TOO MANY REDIRECTS

error. I have deployed ingress-nginx with this configuration shared by @swift-accountant-87565. http to https redirection is working fine but rancher is giving error.

Copy code

controller:
  replicaCount: 3
  allowSnippetAnnotations: true
  config:
    http-snippet: |
      server {
        listen 2443;
        return 308 https://$host$request_uri;
      }
    use-forwarded-headers: "true"
  containerPort:
    http: 80
    https: 443
    tohttps: 2443
  ingressClass: nginx
  ingressClassResource:
    controllerValue: <http://k8s.io/ingress-nginx|k8s.io/ingress-nginx>
    default: true
    enabled: true
    name: nginx
  metrics:
    enabled: true
    serviceMonitor:
      enabled: true
  service:
    annotations:
      <http://external-dns.alpha.kubernetes.io/hostname|external-dns.alpha.kubernetes.io/hostname>: <MASKED>
      <http://nginx.ingress.kubernetes.io/ssl-redirect|nginx.ingress.kubernetes.io/ssl-redirect>: "true"
      <http://service.beta.kubernetes.io/aws-load-balancer-backend-protocol|service.beta.kubernetes.io/aws-load-balancer-backend-protocol>: tcp
      <http://service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout|service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout>: "3600"
      <http://service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled|service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled>: "true"
      <http://service.beta.kubernetes.io/aws-load-balancer-ssl-cert|service.beta.kubernetes.io/aws-load-balancer-ssl-cert>: <MASKED>
      <http://service.beta.kubernetes.io/aws-load-balancer-ssl-ports|service.beta.kubernetes.io/aws-load-balancer-ssl-ports>: https
      <http://service.beta.kubernetes.io/aws-load-balancer-type|service.beta.kubernetes.io/aws-load-balancer-type>: nlb
    ports:
      http: 80
      https: 443
    targetPorts:
      http: tohttps
      https: http
  setAsDefaultIngress: true

Open in Slack

Previous Next