K
Q

Configuring EKS + Express with https

8/21/2019

After deploying my service + pods using kubectl and curling against the url, I keep getting this message

HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Content-Length: 70
Content-Type: text/plain; charset=utf-8
Date: Wed, 21 Aug 2019 04:08:26 GMT
Location: https://<URL>
Vary: Accept
X-Powered-By: Express

Moved Permanently. Redirecting to https://<URL>

I am CURLing like so

http https://<URL>

And the result is the same when I use CURL.

This is what my server code looks like

 const sslOptions = {
   key: privKeyData,
   cert: certData,
   ca: chainData
 };
 http
  .createServer(app)
  .listen(PORT, () =>
    console.log(`listening on port ${PORT}`)
  );
  https
   .createServer(sslOptions, app)
   .listen(443, () =>
    console.log("listening on port 443");
   );

The certificates are correct (and coming from S3, I did not post that code). When checking my pod logs I also see the two console logs, suggesting that the server is running fine.

This is what my k8s file looks like

kind: Service
apiVersion: v1
metadata:
  name: <PROJECT>-api
  labels:
    app: <PROJECT>-api
  annotations:
    # Note that the backend talks over HTTP.
    service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http
    # TODO: Not comfortable with this being in code - TODO: move this into a circleci environment variable
    service.beta.kubernetes.io/aws-load-balancer-ssl-cert: <CERTIFICATE_ARN>
    # Only run SSL on the port named "https" below.
    service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "https"
spec:
  type: LoadBalancer
  selector:
    app: <PROJECT>-api
  ports:
    - port: 443
      targetPort: 3000
      protocol: TCP
      name: https
    - port: 80
      targetPort: 3000
      protocol: TCP
      name: http
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: <PROJECT>-api
  labels:
    app: <PROJECT>-api
spec:
  replicas: 1
  selector:
    matchLabels:
      app: <PROJECT>-api
  template:
    metadata:
      labels:
        app: <PROJECT>-api
    spec:
      containers:
        - name: <PROJECT>-api
          image: <IMAGE_NAME>
          imagePullPolicy: Always
          env:
            - name: VERSION_INFO
              value: "1.0"
            - name: BUILD_DATE
              value: "1.0"
          ports:
            - containerPort: 3000

The server code works fine within a EC2 instance. I cannot check this locally because my certificate is associated to my domain and not localhost.

Probably a stretch to get a clear cut answer for this - but any pointers would be really helpful.

-- praks5432
amazon-eks
express
https
kubernetes
node.js

Similar Questions

The result of command Helm get values don't include comments
How to change the default nodeport range on Mac (docker-desktop)?
Monitoring kubernetes pod readiness in stackdriver
How do I find how much actual CPU a kubernetes pod/container is using?
How to create a &quot;CertificateSigningRequest&quot; with apiVersion &quot;certificates.k8s.io/v1&quot; for a webhook
Threading vs Containers in Orchestration
next js failing to route to page in a subfolder using default next js routing in a kubernetes cluster
micrometer exposing actuator metrics vs kube-state-metrics vs metrics-server to set pod request/limits

0 Answers