2개 답변
- 최신
- 최다 투표
- 가장 많은 댓글
0
To run the application or setup SSL and TLS on kubernetes best practices suggest to use cert-manager & ingress.
Ingress works as the gateway and expose the service to the outside world and manage the connection.
While cert-manager use for manage the SSL certificates for domains. you can follow this guide to setup ingress and cert-manager:
답변함 5년 전
0
Here's one way to do it:
- Install AWS Load Balancer Controller
- Create an K8s ingress to create an application load balancer (ALB) or a K8s service to create a network load balancer (NLB)
- Create certificate using AWS Certificate Manager
Examples
This ingress creates an ALB with port 443 (HTTPS)
The certificate is added via annotation alb.ingress.kubernetes.io/certificate-arn
At a very high level, traffic flow would be:
(client) -> HTTPS/443 -> (ALB) -> traffic decrypted by ALB & forwarded to service -> (POD)
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: app-ingress
annotations:
alb.ingress.kubernetes.io/scheme: internet-facing
alb.ingress.kubernetes.io/target-type: ip
alb.ingress.kubernetes.io/subnets: subnet-x, subnet-x
alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS": 443}]'
alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:REGION:x:certificate/xxx
spec:
ingressClassName: alb
rules:
- http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: service-name-here
port:
number: 80
답변함 10달 전
관련 콘텐츠
- AWS 공식업데이트됨 2년 전
- AWS 공식업데이트됨 2년 전