1

More than 5 years have passed since last update.

@nakamasato(Masato Naka)in

株式会社ビービット

k8sのServiceでLoadBalancerをAWSのACMでSSLにする

Posted at 2019-04-28

背景

デプロイしたAppなどのEndpointをHTTPSにしたい

SSL設定する前

access -(http)-> my-service (80) -(http)-> MyApp (9376)

kind: Service
apiVersion: v1
metadata:
  name: my-service
spec:
  selector:
    app: MyApp
  ports:
  - protocol: TCP
    port: 80
    targetPort: 9376

ACMを使ってSSLにする場合

access -(https)-> my-service (443) -(http)-> MyApp (9376)

kind: Service
apiVersion: v1
metadata:
  name: my-service
spec:
  selector:
    app: MyApp
  annotations:
    service.beta.kubernetes.io/aws-load-balancer-ssl-cert: <arn of the ACM>
    service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http
    service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "443"

spec:
  ports:
  - protocol: TCP
    port: 443
    targetPort: 9376

参照

1

Register as a new user and use Qiita more conveniently

You get articles that match your needs
You can efficiently read back useful information
You can use dark theme

What you can do with signing up

1