Kubernetes with rewrite-target and kube-lego

5/6/2018

I am trying to create redirect rule to GC buckets with my own certs. I have such configuration:

kind: Service
apiVersion: v1
metadata:
  name: proxy-to-gcs
spec:
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80
  type: ExternalName
  externalName: storage.googleapis.com
----
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: proxy-to-gcs
  annotations:
    kubernetes.io/tls-acme: "true"
    ingress.kubernetes.io/ssl-redirect: "true"
    ingress.kubernetes.io/rewrite-target: bucket_name/public
    kubernetes.io/ingress.class: nginx
spec:
  tls:
  - hosts:
    - www.example.com
    secretName: secret-name-tls
  rules:
  - host: www.example.com
    http:
      paths:
      - path: /
        backend:
          serviceName: proxy-to-gcs
          servicePort: 80

When I want to see www.example.com/.well-known/acme-challenge/ as kube-lego endpoint, I see google storage bucket 404 page. There is a problem in that rewrite-target, which doesn't consider existence of kube-lego. Any suggestions? Thanks.

-- Chap
kube-lego
kubernetes
kubernetes-ingress
url-rewriting

1 Answer

5/16/2018

If you want just to host a static website from a bucket, you can use the official doc as a how-to

For Ingress, you can use HTTP(S) Load Balancer - internal google cloud loadbalancer.

You can route your traffic from 2 URL to one bucket and have HTTPS on both.

-- Nick Rak
Source: StackOverflow