Kubernetes Ingress Nginx - Forwarding a HTTP request to a backend HTTPS service

Using the Kubernetes Ingress Nginx Controller, requests can be forwarded to a TLS secured service in the backend.

By default the controller redirects (308) to HTTPS if TLS is enabled for that ingress. If you want to disable this behavior globally, you can use ssl-redirect: "false"

Using backend-protocol annotations it is possible to indicate how Nginx should communicate with the backend service. By default NGINX uses HTTP, for a HTTP forward choose HTTPS

Here is an example ingress forwarding requests on foo.bar.com to a TLS secured backend service foobar-service.

apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  annotations:
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
    nginx.ingress.kubernetes.io/rewrite-target: /
    kubernetes.io/tls-acme: "true"
    kubernetes.io/ingress.class: "nginx"
  name: icc-auth-ingress
  namespace: icc-system
spec:
  tls:
    - hosts:
        - foo.bar.com
      secretName: foo-bar-tls
  rules:
    - host: foo.bar.com
      http:
        paths:
          - path: /
            backend:
              serviceName: foobar-service
              servicePort: 443