Reputation: 18609
What are the steps to implement HTTPS with Google Cloud Containers?
Can’t find any resources that simply say here’s where your cert goes and here’s how to enable it. I have the cert there when I run gcloud compute ssl-certificates list. I have a cluster with kubernetes running and exposing http traffic via this service:
{
"kind": "Service",
"apiVersion": "v1",
"metadata": {
"name": "foo-frontend-service"
},
"spec": {
"selector": {
"app": "foo-frontend-rc"
},
"ports": [
{
"protocol": "TCP",
"port": 80,
"targetPort": 3009
}
]
}
}
- Need to know how to put the cert in the right place to be utilized
- Need to know how to reconfigure my service
- Need to know what my new SSL endpoint will be. Is it the same?
Upvotes: 8
Views: 1698
Answers (1)
Reputation: 1109
K8s doesn't have special TLS support for the ordinary services. You need to use one of the following methods:
using Ingress: see http://kubernetes.io/docs/user-guide/ingress/#tls. You need to choose a Ingress controller which implements the Ingress functionalities, you can use GLBC if you are on GCE, or you can use the nginx one. Both of them supports TLS. Please note that the Ingress is still beta feature with limitations.
The service-loadbalancer in the contrib repo also supports tls: https://github.com/kubernetes/contrib/tree/master/service-loadbalancer#ssl-termination
Upvotes: 7
Related Questions
- Access stateful headless kubernetes externally?
- What is the difference between Google App Engine and Google Compute Engine?
- Is there anyone to get dynamic env value in seprate pod kubernetes k3s
- kubernetes apps avalaible on localhost
- Kubernetes Ingress with 302 redirect loop
- You're speaking plain HTTP to an SSL-enabled server port in Kubernetes
- Pod deletion causes errors when using NEG
- Multiple SSL Certificates kubernetes
- NGINX loadbalancing on Kubernetes