如何禁用 http 使用 Kube.netes Nginx ingress controller 访问服务?
[英]How to disable http access to service using Kubernetes Nginx ingress controller?
问题描述
I have a service providing an API that I want to only be accessible over https .
我有一项提供 API 的服务,我希望只能通过https访问该服务。 I don't want http to redirect to https because that will expose credentials and the caller won't notice.我不希望http重定向到https ,因为这会暴露凭据并且调用者不会注意到。 Better to get an error response.最好得到错误响应。
How to do I configure my ingress.yaml?如何配置我的 ingress.yaml? Note that I want to maintain the default 308 redirect from http to https for other services in the same cluster.请注意,对于同一集群中的其他服务,我想保留从http到https的默认 308 重定向。
Thanks.谢谢。
1 个解决方案
解决方案1
2 已采纳 2021-09-30 12:33:28
In the documentation : you can read the following sentence about HTTPS enforcement through redirect:在文档中:您可以阅读以下关于 HTTPS enforcement through redirect 的句子:
By default the controller redirects (308) to HTTPS if TLS is enabled for that ingress.
ssl-redirect: "false"in the NGINX ConfigMap .ssl-redirect: "false"。
To configure this feature for specific ingress resources, you can use the nginx.ingress.kube.netes.io/ssl-redirect: "false" annotation in the particular resource.
You can also create two separate configurations: one with http and https and the other one only for http.您还可以创建两个单独的配置:一个用于 http 和 https,另一个仅用于 http。
Using kube.netes.io/ingress.class annotation you can choose the ingress controller to be used.使用kube.netes.io/ingress.class注释,您可以选择要使用的入口 controller。
This mechanism also provides users the ability to run multiple NGINX ingress controllers (eg one which serves public traffic, one which serves "internal" traffic).
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.