HTTPS redirect annotation does not work

[sandeepsharmadevops]

Hi There!

I have recently started evaluating the Skipper as an ingress controller for K8S, at very initial level need info on how to disable the HTTPS redirect, i have tried the below but nothing worked for me so far.

using latest version of skipper 0.10.180

below cmd line options are not passed, but HTTP --> HTTPS is happening, is this there OOB?, can we disable from skipper cmd line option?
-kubernetes-https-redirect
-kubernetes-https-redirect-code

tried to disable via annotations in ingress k8s object, but still redirection is happening, how to disable it
zalando.org/skipper-ingress-redirect: false

NOTE: as current i don't have requirement to redirect HTTP --> HTTPS

Thx.

[szuecs]

Hi!
You can disable it via command line option -kubernetes-https-redirect=false.
If the ingress annotation doesn’t work we will consider this also as bug.

Latest is https://github.com/zalando/skipper/releases/tag/v0.10.186 , but this won’t fix the ingress annotation.

[sandeepsharmadevops]

thanks for update @szuecs able to disable the HTTPS redirect with suggestion above, it seems this is by default available even cmd line options is not defined...correct?

Annotations are not working, after disabling the HTTPS redirect, tried to enable via annotations, but not working, seems a bug, even not able to view annotations in YAML output, blank annotations.

Thx

[szuecs]

@sandeepsharmadevops thanks for testing the annotation!
Yes the default is set to =true. It's basically how Go flags package work and we set the default to true, because we thought it makes sense for most people.

[sandeepsharmadevops]

@szuecs yes, it make sense to enable it oob, in case someone want to disable it, can be done via controller, only downside of this, that it applies globally, until annotations working.

one more thing, i was evaluating ip whitelisting via annotations, it working fine as expected and throwing 404, can we customize the response status code/content. Intention is to allow only few ip ranges for rest send 404 with custom content.

[sandeepsharmadevops]

Hi @szuecs could you please share info about the above.

Thanks in advance.

[szuecs]

@sandeepsharmadevops Sorry for not replying, missed this comment.

If the annotation is not working it is a bug. I have to test it and then fix it.
For the custom 404 you can use a custom inline route or an eskip routes file, that does a default match for everything:

skipper -inline-routes 'mycatchall: * -> inlineContent("Hello, world!") -> status(404) -> <shunt>' 

You can pass inlineContent(string) an html string if you like.

[sandeepsharmadevops]

Thanks for update @szuecs even i was not looking for the prompt response. I will try your suggestions and let you know. Also let me know once bug in annotation gets fixed, i will test and let you know about the status.

Thanks Again!!!

[justinrcs]

Using the annotation does work, double check that your annotation is using quotes around the value, otherwise Skipper will ignore it.

zalando.org/skipper-ingress-redirect: "false"

[myaser]

what is the status of this issue
I see it was documentation issue, or there is a bug still?

I would like to contribute to skipper (Kubernetes ingress controller area) and was searching for my first issue 😄

[szuecs]

@myaser the issue is not fixed.
Basically the default -kubernetes-https-redirect=true can not be overridden by zalando.org/skipper-ingress-redirect: "false" annotation.
Seems to be more simple than #1478 to fix, because testing is more simple and you don't need to introduce new types, which is in refactoring for adding a validation webhook for routegroups.