背景
デプロイしたAppなどのEndpointをHTTPSにしたい
SSL設定する前
access -(http)-> my-service (80) -(http)-> MyApp (9376)
kind: Service
apiVersion: v1
metadata:
name: my-service
spec:
selector:
app: MyApp
ports:
- protocol: TCP
port: 80
targetPort: 9376
ACMを使ってSSLにする場合
access -(https)-> my-service (443) -(http)-> MyApp (9376)
kind: Service
apiVersion: v1
metadata:
name: my-service
spec:
selector:
app: MyApp
annotations:
service.beta.kubernetes.io/aws-load-balancer-ssl-cert: <arn of the ACM>
service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http
service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "443"
spec:
ports:
- protocol: TCP
port: 443
targetPort: 9376