K
Q

Service (LoadBalancer) port not working on aws

1/9/2018

I have a LoadBalancer service on a k8s deployment on aws (made via kops).

Service definition is as follows:

apiVersion: v1
kind: Service
metadata:
  name: ui
  annotations:
    service.beta.kubernetes.io/aws-load-balancer-ssl-cert: <certificate_id>
spec:
  ports:
  - name: http
    port: 80
    targetPort: ui-port
    protocol: TCP
  - name: https
    port: 443
    targetPort: ui-port
    protocol: TCP
  selector:
    els-pod: ui
  type: LoadBalancer

Here is the respective deployment:

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: ui-deployment
spec:
  replicas: 1
  template:
    metadata:
      labels:
        els-pod: ui
    spec:
      containers:
      - image: <my_ecr_registry>/<my_image>:latest
        name: ui
        ports:
        - name: ui-port
          containerPort: 80
      restartPolicy: Always

I know that <my_image> exposes port 80.

I have also assigned an alias to the ELB that gets deployed, say. my-k8s.mydomain.org

Here is the issue:

  • https://my-k8s.mydomain.org works just fine
  • http://my-k8s.mydomain.org returns an empty page (when accessing behind a squid proxy, I get the zero-sized reply error message)

Why am I unable to access the service via port 80?

edit: what I have just found is that the service annotation regarding the certificate, also assigns it on port 80 on the ELB.

Could that be the issue?

Is there a way around this?

-- pkaramol
amazon-web-services
kubernetes

Similar Questions

Getting Kubernetes cluster information
NetworkPlugin cni failed to set up pod "kube-dns-XXXX" network: open /proc/sys/net/ipv6/conf/eth0/accept_dad: no such file or directory
AKS: Logging into worker nodes and get Permission denied (publickey)
How to connect GKE to an AWS RDS instance?

1 Answer

1/9/2018

Just needed to add the following annotation in the service definition:

service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "443"
-- pkaramol
Source: StackOverflow