-
Notifications
You must be signed in to change notification settings - Fork 8.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Terminating SSL with AWS Elastic Load Balancer #1624
Comments
@mooperd please check the required annotations here https://github.com/kubernetes/ingress-nginx/blob/master/deploy/provider/aws/service-l7.yaml |
Thats great! It worked. Is it possible to 301 http:// to https:// ? Here is the config that is working.
|
@mooperd yes you can. Here are the docs on forcing ssl redirection. You can read up more on the AWS setup here. One thing to note though is that due to a change in Kubernetes 1.8, you can't currently terminate TLS in the ELB without customizing the nginx config template. I filed #1622 to fix this. |
@erickt Thanks for the heads up. I'll track those tickets. The 301 works now that tls is enabled in the ingress. Thanks! |
@mooperd can we close this issue? |
If anyone is using the helm chart nginx-ingress, here are the values that finally worked for me. I'm using the workaround and using "80" instead of "http" until #1622 is fixed. The information in this issue helped a lot. Thanks guys!
|
Note: read below for workaround and reasoning: |
i have the same issue, i tried below annotations: Service: on Ingress: that have ended to FYI i’m using here NLB |
@BouchaaraAdil AWS recently added K8s v1.15 to EKS, which does support NLB SSL termination. Those annotations should work now. |
Hi,
I'm trying to work out how SSL can be terminated at the ELB using the AWS certificates.
The "LoadBalancer" service is able to create the ELB but I'm struggling to understand where I should be "plugging in" the other end. I think its confusing as the Load balancer service seems to bridge Cloud and Kubernetes.
This is perhaps more complicated because I am trying to use kubernetes as a ssl termination proxy for an external AWS Elasticsearch instance which is available on HTTPS. I intend that there is an SSL termination at the ELB,
The load balancer port configuration looks correct:
My LoadBalancer service looks like this. I've been playing with the ports config.
This is the service that I want to expose:
With this Ingress:
The text was updated successfully, but these errors were encountered: