Reputation: 87
Exposing a Kubernetes pod to HTTPS using Google Container Engine? (easiest way)
Google App Engine (Flex) has an elegant way to ensure that apps are exposed to the internet using HTTPS. (From what I know, you just specify secure: always in app.yaml, and you are good to go (https://cloud.google.com/appengine/docs/standard/python/config/appref#handlers_element)
Does the Google Container Engine have a similar straight forward way to ensure HTTPS connections, for instance when using the kubectl expose command? (e.g.
kubectl expose deployment my_app --type=LoadBalancer --port [433])
Upvotes: 1
Views: 217
Answers (1)
Reputation: 45312
Assuming you have a containerized application that already knows how to terminate TLS connections and has TLS certificates, you can use the kubectl expose command you mentioned to create a load balancer on port 443. It should work.
If you do not have TLS certificates and you're expecting Google Cloud to terminate the TLS for you, that is possible as well. You can use kube-lego to fetch TLS certificates from LetsEncrypt for free and create a kubernetes Ingress resource which later configures the Cloud Load Balancer to terminate the TLS for you. You can find a tutorial here: https://github.com/jetstack/kube-lego/tree/master/examples/gce
Upvotes: 2
Related Questions
- http -> https redirect in Google Kubernetes Engine
- Kubernetes HTTPS Ingress in Google Container Engine
- How to get ssl on a kubernetes application?
- Expose Google compute engine or Kubernetes through HTTPS
- What are the steps to implement HTTPS with Google Cloud Containers?
- EV SSL Certificate in Kubernetes
- Google Kubernetes Engine: Enable HTTPS for Service type
- Ensure SSL all the way to the pod using Google Container Engine Ingress
- HTTPS on Google Cloud Container Engine
- container engine kubernetes and ssl