I have tried google a lot and done many configuration but still don't work.
What I want is exposing both HTTP and HTTPS - 80, 443 to the internet
Base on my understanding, to expose and run the app in container with 443, I have to put a SSL certificate, then the pod that runs the container somehow need to trust the certificate automatically otherwise it cannot receive any requests come from the load balancer. Am I right?
apiVersion: apps/v1
kind: Deployment
metadata:
name: dev-demo
spec:
selector:
matchLabels:
app: dev-demo
tier: backend
track: stable
replicas: 1
template:
metadata:
labels:
app: dev-demo
tier: backend
track: stable
spec:
containers:
- name: dev-demo
image: xxxxxxxxxxx
ports:
- containerPort: 80
- containerPort: 443
imagePullPolicy: Always
resources:
requests:
cpu: 500m
memory: 256Mi
limits:
cpu: 1000m
memory: 512Mi
env:
- name: ASPNETCORE_URLS
value: "https://*:443;http://*:80"
- name: ASPNETCORE_HTTPS_PORT
value: "443"
- name: ASPNETCORE_Kestrel__Certificates__Default__Path
value: "xxxxxx.pfx"
- name: ASPNETCORE_Kestrel__Certificates__Default__Password
value: "xxxxxx"
nodeSelector:
kubernetes.io/os: linux
apiVersion: v1
kind: Service
metadata:
name: dev-demo
labels:
run: dev-demo
annotations:
# Note that the backend talks over HTTP.
service.beta.kubernetes.io/aws-load-balancer-backend-protocol: https
# TODO: Fill in with the ARN of your certificate.
service.beta.kubernetes.io/aws-load-balancer-ssl-cert: xxxxxxxxxx
# Only run SSL on the port named "https" below.
service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "https"
spec:
ports:
- name: http
port: 80
targetPort: 80
- name: https
port: 443
targetPort: 443
selector:
app: dev-demo
tier: backend
track: stable
sessionAffinity: None
type: LoadBalancer