![](/img/trans.png)
[英]Redirect http to https AWS ELB without hosting ssl certificate on webserver
[英]How to redirect HTTP to HTTPS with Nginx Ingress Controller, AWS NLB and TLS certificate managed by AWS Certificate Manager?
我嘗試了以下方法來讓 HTTP 重定向到 HTTPS。 我不確定我哪里出錯了。
ingress-nginx
-nginx object:
apiVersion: v1
kind: Service
metadata:
name: ingress-nginx
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
annotations:
service.beta.kubernetes.io/aws-load-balancer-type: nlb
service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http
service.beta.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:acm:...
service.beta.kubernetes.io/aws-load-balancer-ssl-ports: https
spec:
type: LoadBalancer
selector:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
ports:
- name: http
port: 80
targetPort: http
- name: https
port: 443
targetPort: http
my-ingress
object:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: my-ingress
namespace: my-namespace
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/rewrite-target: /
nginx.ingress.kubernetes.io/secure-backends: "true"
spec:
tls:
- hosts:
- app.example.com
rules:
- host: app.example.com
http:
paths:
- path: /
backend:
serviceName: my-service
servicePort: 80
我在 HTTP 和 HTTPS 上得到308 Permanent Redirect
。 我想這是有道理的,因為 NLB 正在執行 SSL 終止,因此將 HTTP 轉發到 Nginx 服務? 我想我需要將 SSL 終端從 NLB 移動到 Nginx 服務?
謝謝
我相信您確實需要將 SSL 終端移動到入口 controller,因為我遇到了同樣的問題,而且我似乎處於永久重定向的情況。 流量在 443 上進入 NLB,並被終止並通過端口 80 發送到后端實例。入口看到端口 80 上的流量並重定向到 https://,從而開始無限循環。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.