Exposing a Kubernetes pod to HTTPS using Google Container Engine? (easiest way)
Question
Google App Engine (Flex) has an elegant way to ensure that apps are exposed to the internet using HTTPS. (From what I know, you just specify secure: always in app.yaml, and you are good to go ( https://cloud.google.com/appengine/docs/standard/python/config/appref#handlers_element )
Does the Google Container Engine have a similar straight forward way to ensure HTTPS connections, for instance when using the kubectl expose command? (eg kubectl expose deployment my_app --type=LoadBalancer --port [433] )
1 answers
solution1
2 ACCPTED 2017-04-24 16:48:08
Assuming you have a containerized application that already knows how to terminate TLS connections and has TLS certificates, you can use the kubectl expose command you mentioned to create a load balancer on port 443. It should work.
If you do not have TLS certificates and you're expecting Google Cloud to terminate the TLS for you, that is possible as well. You can use kube-lego to fetch TLS certificates from LetsEncrypt for free and create a kubernetes Ingress resource which later configures the Cloud Load Balancer to terminate the TLS for you. You can find a tutorial here: https://github.com/jetstack/kube-lego/tree/master/examples/gce
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.