DEV Community

Cover image for Kubectl exec/port-forward with AWS ALB and nginx-ingress-controller
Mohamed Radwan for AWS Community Builders

Posted on • Updated on

Kubectl exec/port-forward with AWS ALB and nginx-ingress-controller

I was facing issues when I performed kubectl with exec or port-forward option on my Rancher clusters that used EKS and ALB, it was giving me this error

kubectl exec -it app -- bash

Error from server (BadRequest): Upgrade request required
Enter fullscreen mode Exit fullscreen mode

exec and port forward are using SPDY protocol and ALB does not support it.

The HTTPS request is going from the user to ALB, then SSL is terminated on the ALB, and the request is forwarded to the Nginx controller service after that forward to the rancher service.

See the part 1 to setup Rancher on EKS and ALB

After that, you need to do the following:

1- Install Nginx Ingress Controller

helm upgrade --install nginx ingress-nginx/ingress-nginx --namespace cattle-system --set controller.service.type=NodePort  --set controller.service.targetPorts.https=http --set-string controller.config.use-forwarded-headers="true" --version 3.12.0
Enter fullscreen mode Exit fullscreen mode

2- Edit the rancher Ingress

kubectl edit ingress -n cattle-system rancher
Enter fullscreen mode Exit fullscreen mode

Change the host and name inside spec with the following:


spec:
   rules:
   - host: '*.example.com'
     http:
       paths:
       - backend:
           service:
             name: nginx-ingress-nginx-controller
             port:
               number: 80
         pathType: ImplementationSpecific
Enter fullscreen mode Exit fullscreen mode

3- Create a new ingress with the following:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
  name: rancher-exec
  namespace: cattle-system

spec:
   rules:
   - host: 'rancher.example.com'
     http:
       paths:
       - backend:
           service:
             name: rancher
             port:
               number: 80
         pathType: ImplementationSpecific
Enter fullscreen mode Exit fullscreen mode

Test the kubectl exec and port-forward

kubectl create deployment nginx2 --image nginx:alpine
kubectl expose deployment nginx2 --port=80
kubectl exec -it nginx2-XXXXX -- sh
kubectl port-forward service/nginx2 --address 0.0.0.0 80:80
Enter fullscreen mode Exit fullscreen mode

Discussion (0)