Amazon web services ALB入口-将流量从HTTP重定向到HTTPS不工作
我正在尝试将所有Amazon web services ALB入口-将流量从HTTP重定向到HTTPS不工作,amazon-web-services,kubernetes,kubernetes-ingress,Amazon Web Services,Kubernetes,Kubernetes Ingress,我正在尝试将所有HTTP流量路由到HTTPS。我有一个ALB入口资源,并遵循这里的指南,但它不工作。当我尝试访问它时,它将使用http,但不会重定向到https 下面是我的入口资源文件 apiVersion: extensions/v1beta1 kind: Ingress metadata: name: eks-learning-ingress namespace: production annotations: kubernetes.io/ingress.class: a
HTTP
流量路由到HTTPS
。我有一个ALB入口资源,并遵循这里的指南,但它不工作。当我尝试访问它时,它将使用http,但不会重定向到https
下面是我的入口资源文件
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: eks-learning-ingress
namespace: production
annotations:
kubernetes.io/ingress.class: alb
alb.ingress.kubernetes.io/scheme: internet-facing
alb.ingress.kubernetes.io/certificate-arn: arn878ef678df
alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]'
alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}'
labels:
app: eks-learning-ingress
spec:
rules:
- host: www.myhost.in
http:
paths:
- path: /*
backend:
serviceName: eks-learning-service
servicePort: 80
在这方面的任何帮助都会非常好,谢谢。对于任何在这篇文章上绊倒的人。我缺少将此添加为我的http路径。请记住,这需要是第一个指定的路径
- path: /*
backend:
serviceName: ssl-redirect
servicePort: use-annotation
一旦我添加了这个重定向,它就开始工作了
因此,最终的配置应该如下所示:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: eks-learning-ingress
namespace: production
annotations:
kubernetes.io/ingress.class: alb
alb.ingress.kubernetes.io/scheme: internet-facing
alb.ingress.kubernetes.io/certificate-arn: arn878ef678df
alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]'
alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}'
labels:
app: eks-learning-ingress
spec:
rules:
- host: www.myhost.in
http:
paths:
- path: /*
backend:
serviceName: ssl-redirect
servicePort: use-annotation
- path: /*
backend:
serviceName: eks-learning-service
servicePort: 80
您是否仅在服务上公开端口80?或者我还需要设置端口443吗?