Dashboard kubernetes

Hi to everyone , I d like to expose kubernetes dashboard with an ingress HA-PROXY.
I don’t want to use kubproxy listen on 127.0.0.1
It is possible I ve tested and it it gives to me the following error
Client sent an HTTP request to an HTTPS server.
what am I doing wrong…
Is it possible to do with a simple ha-proxy ingress?
Thank you very much
I forgot , it is a test environment
Francesco

Now I attached my ingress
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
annotations:

haproxy.org/check: “enabled”

#haproxy.org/check-http: "enabled"
#haproxy.org/ssl-certificate: "regionelazio-tls"
#haproxy.org/ingress.class: ""

haproxy.org/forwarded-for: “enabled”

name: dashboard.regione.lazio.it
namespace: kubernetes-dashboard
spec:
rules:

  • host: dashboard.regione.lazio.it
    http:
    paths:
    • path: /
      backend:
      serviceName: kubernetes-dashboard
      servicePort: 443

tls:

  • hosts:
    • dashboard.regione.lazio.it
      secretName: regionelazio-tls

kubectl get ing -A -o wide
NAMESPACE NAME CLASS HOSTS ADDRESS PORTS AGE
kubernetes-dashboard dashboard.regione.lazio.it dashboard.regione.lazio.it 80, 443 23h

NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
default kubernetes ClusterIP 10.96.0.1 443/TCP 28h
kube-system kube-dns ClusterIP 10.96.0.10 53/UDP,53/TCP,9153/TCP 28h k8s-app=kube-dns
kubernetes-dashboard dashboard-metrics-scraper ClusterIP 10.101.226.42 8000/TCP 7m44s k8s-app=dashboard-metrics-scraper
kubernetes-dashboard kubernetes-dashboard ClusterIP 10.105.156.139 443/TCP 7m44s k8s-app=kubernetes-dashboard

Cluster information:

Kubernetes version: 1.8.2
Cloud being used: (put bare-metal if not on a public cloud)
Installation method: kubedam -init
Host OS: CENTOS
CNI and version: calico
CRI and version:

You can format your yaml by highlighting it and pressing Ctrl-Shift-C, it will make your output easier to read.

I haven’t played with haproxy ingress. But if the ingress is handling the SSL then the backend doesn’t need the 443. My guess is that you need to change your backend from 443 to 80 and just let the ssl termination happen at the ingress.