时间戳

首页 > 解决方案 > 如何在 Kubernetes 中设置 HTTPS 负载均衡器

kubernetes - 如何在 Kubernetes 中设置 HTTPS 负载均衡器

问题描述

我需要让我的应用程序支持通过 https 的请求并阻止 http 端口。我想使用我公司提供的证书,所以我需要 jks 证书或其他类型的证书。我不知道如何在 gke 中使它成为 https。我看过几个文档,但不清楚。这是我当前的 kubernetes 部署文件。请让我知道如何配置它。

apiVersion: v1
kind: Service
metadata:
  name: oms-integeration-service
spec:
  type: NodePort
  ports:
  - port: 80
    targetPort: 8081
    protocol: TCP
    name: http
  selector:
    app: integeration
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: integeration
spec:
  replicas: 2
  template:
    metadata:
      labels:
        app: integeration
    spec:
      containers:
      - name: esp
        image: gcr.io/endpoints-release/endpoints-runtime:1
        args: [
          "--http_port=8081",
          "--backend=127.0.0.1:8080",
          "--service=oms.endpoints.gcp-dsw-oms-int-{{env}}.cloud.goog",
          "--rollout_strategy=managed",
        ]
      - name: integeration-container
        image: us.gcr.io/gcp-dsw-oms-int-{{env}}/gke/oms-integ-service:{{tag}}
        readinessProbe:
          httpGet:
            path: /healthcheck
            port: 8080
          initialDelaySeconds: 60
          periodSeconds: 10
        ports:
        - containerPort: 8080
        resources:
          requests:
            memory: 500M
        env:
        - name: LOGGING_FILE
          value: "integeration-container"
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: integeration-ingress
  annotations:
    kubernetes.io/ingress.global-static-ip-name: "oms-int-ip"
    kubernetes.io/ingress.class: "gce"
  rules:
  - host: "oms.endpoints.gcp-dsw-oms-int-{{env}}.cloud.goog"
    http:
      paths:
      - path: /*
        backend:
          serviceName: oms-integeration-service
          servicePort: 80

标签: kubernetesssl-certificategoogle-kubernetes-enginekubernetes-helmkubernetes-ingress

解决方案

您必须创建一个包含 SSL 证书的机密,然后在入口规范中引用该机密,如此处所述

推荐阅读