K
Q

DigitalOcean Loadbalancer behavior Kubernetes TCP 443

5/6/2019

Currently I've this Load Balancer Service on my Kubernetes Cluster.

NAME            TYPE           CLUSTER-IP     EXTERNAL-IP       PORT(S)            AGE
kubernetes      ClusterIP      [HIDDEN]       <none>            443/TCP            44h
load-balancer   LoadBalancer   [HIDDEN]       [HIDDEN]          443:30014/TCP      39h

This is my .yaml file config

apiVersion: v1
kind: Service
metadata:
name: load-balancer
spec:
selector:
    app: nodeapp
type: LoadBalancer
ports:
    - protocol: TCP
    port: 443
    targetPort: 3000
    name: https

For some reason DigitalOcean does not setup the HTTPS instead if leaves it as TCP 443. And then I've to manually go to DigitalOcean and change TCP to HTTPS and create the let's encrypt certificate. How can I make Kubernetes create a load balancer using HTTPS on port 443 instead of TCP 443.

-- Eddwin Paz
digital-ocean
kubernetes

Similar Questions

Prevent redundant CRUD operations in multi-container pod
Postgres on Kubernetes password authentication failed
Azure Templates Support For AKS Node Pools
How to update Helm Chart.yaml from command line

1 Answer

5/7/2019

According with their documentation you need to add additional annotations like that:

---
kind: Service
apiVersion: v1
metadata:
  name: https-with-cert
  annotations:
    service.beta.kubernetes.io/do-loadbalancer-protocol: "http"
    service.beta.kubernetes.io/do-loadbalancer-algorithm: "round_robin"
    service.beta.kubernetes.io/do-loadbalancer-tls-ports: "443"
    service.beta.kubernetes.io/do-loadbalancer-certificate-id: "your-certificate-id"
spec:
  type: LoadBalancer
  selector:
    app: nginx-example
  ports:
    - name: http
      protocol: TCP
      port: 80
      targetPort: 80
    - name: https
      protocol: TCP
      port: 443
      targetPort: 80

How to add SSL certificate: https://www.digitalocean.com/docs/networking/load-balancers/how-to/custom-ssl-cert/

-- Vasily Angapov
Source: StackOverflow