-
Notifications
You must be signed in to change notification settings - Fork 8.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
proxy_set_header doesn't allow overriding "X-Scheme" #5416
Comments
I also tried #4096 (comment) and #2724 (comment) to set |
Based on http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_set_header, it appears that |
@swisspol #4096 does works for me. =) kind: ConfigMap
apiVersion: v1
metadata:
name: nginx-configuration
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
data:
use-proxy-protocol: "false"
use-forwarded-headers: "true"
|
or if you using helm3 @swisspol $ helm upgrade nginx-ingress stable/nginx-ingress \
--set-string controller.config.use-proxy-protocol="false" \
--set-string controller.config.use-forwarded-headers="true"
|
Issues go stale after 90d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
Stale issues rot after 30d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
Rotten issues close after 30d of inactivity. Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
@fejta-bot: Closing this issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Because of the way that One way to hard-override them is with a custom Lua plugin. See #6358 (comment) for an example. |
NGINX Ingress controller version:
0.30.0
Kubernetes version (use
kubectl version
):Client Version: version.Info{Major:"1", Minor:"15", GitVersion:"v1.15.5", GitCommit:"20c265fef0741dd71a66480e35bd69f18351daea", GitTreeState:"clean", BuildDate:"2019-10-15T19:16:51Z", GoVersion:"go1.12.10", Compiler:"gc", Platform:"darwin/amd64"}
Server Version: version.Info{Major:"1", Minor:"15+", GitVersion:"v1.15.10-eks-bac369", GitCommit:"bac3690554985327ae4d13e42169e8b1c2f37226", GitTreeState:"clean", BuildDate:"2020-02-26T01:12:54Z", GoVersion:"go1.12.12", Compiler:"gc", Platform:"linux/amd64"}
Environment:
uname -a
):What happened:
I need to set the
X-Scheme
header on requests forwarded to backend. That's because I want to run pgAdmin which needs this header set when running behind Nginx Ingress Controller with an AWS classic ELB in front of that does TLS termination (so L3 load balancer, not L7). Otherwise, it thinks its URL is http://my-pgadmin.com instead of https://my-pgadmin.com and a bunch of things break.Here's the ingress definition:
Here's what httpbin returns as received headers:
X-Scheme
is set tohttp,https
instead ofhttps
.What you expected to happen:
X-Scheme
is set tohttps
. I can't also figure out where isX-Scheme
set in the first place by Nginx Ingress controller.How to reproduce it:
X-Scheme
header as received by appAnything else we need to know:
Other things I tried:
X-Forwarded-Proto
but it's plain ignoredproxy-set-headers
but settingX-Scheme
in there also results inhttp,https
/kind bug
The text was updated successfully, but these errors were encountered: