I have have a java war file for which i have created an image. The image when run locally works fine over HTTP.
Now i am trying to run the containers using Kubernetes. Have created a Kubernetes Service to expose the app pod to outisde.
Below is my kubernetes deployment.yaml. Not an expert in Docker and Kubernetes. Specially lost in the different metadata of Kubernetes services. Might have done some mistake there to expose HTTP and HTTPS both on 8080 and 443 respectively.
<!-- language: lang-yaml -->apiVersion: apps/v1
kind: Deployment
metadata:
creationTimestamp: null
labels:
app: demo
name: demo
spec:
replicas: 1
selector:
matchLabels:
app: demo
strategy: {}
template:
metadata:
creationTimestamp: null
labels:
app: demo
spec:
containers:
- image: <imagename1>
name: cmisfileshare
resources: {}
imagePullPolicy: Always
status: {}
---
apiVersion: v1
kind: Service
metadata:
creationTimestamp: null
labels:
app: demo
name: demo
spec:
ports:
- name: http
port: 8080
protocol: TCP
targetPort: 80
- name: https
port: 443
protocol: TCP
targetPort: 443
selector:
app: demo
type: ClusterIP
status:
loadBalancer: {}Now when i run my application i get the following error in my browser
<!-- language: lang-none -->upstream connect error or disconnect/reset before headers. reset reason: connection failureThen i expose the service by applying Kyma API Rules ( which internally creates an Istio virtual service)
If i keep the service as following then it works
apiVersion: v1
kind: Service
metadata:
creationTimestamp: null
labels:
app: demo
name: demo
spec:
ports:
- name: 8080-8080
port: 8080
protocol: TCP
targetPort: 8080
selector:
app: demo
type: ClusterIP
status:
loadBalancer: {}But then the endpoint is exposed as HTTPS but the actual traffic from Istio /Envoy proxy to my app is still HTTP.Because in my code i fetch java servlet request's protocol and it returns HTTP.
How do i enable TLS /HTTPS traffic from Istio to App ?