I have cloudflare SSL/TTL set to full and the ingress on my kubernetes cluster is using a self signed certificate. The ingress both ports 80 and 443 open.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress
annotations:
nginx.ingress.kubernetes.io/force-ssl-redirect: "false"
spec:
ingressClassName: nginx
rules:
- host: foo.mywebsite.example
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: server
port:
number: 80
- host: bar.mywebsite.example
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: grafana
port:
number: 3000
This seems to work, but to make sure I’m using the self signed certificate I set nginx.ingress.kubernetes.io/force-ssl-redirect: "true". This causes a redirect loop, where foo.mywebsite.example shows “The page isn’t redirecting properly” in the browser.
I think what is happening is that cloudflare is trying to send traffic to port 80 and nginx is redirecting to 443. Cloudflare doesn’t want to play ball and again tries port 80, this goes on in a loop until the process is killed.
Any way I can debug and fix this?