I am attempting to route client's requests to a specific pod (ingress) for TLS termination. The path way looks like the following:

client request to https://172.16.0.20:8000 (this cannot change) -> k8s ingress pod (terminate tls) -> route traffic to external service outside the cluster as http

I am able to get a successful response if I test it with kubectl port-forward and curl the port that is being forwarded, however, from my understanding this is not intended for production use. I also know that ingresses only can listen on port 80 and 443, however client's need to make a request to https://172.16.0.20:8000 (this cannot change). I have tried using iptables to REDIRECT traffic to the NodePort, however, that didn't work and there is a detailed explanation here .

My question is, is there another way we can allow traffic to a cluster with client making a request to a specific ip and port?