Search code examples
amazon-web-serviceskuberneteskubernetes-ingress

Setting up aws ssl certificate via kubernetes

Problem: after restarting ingress, ssl certificates are removed and you have to constantly install them back. After some searching, I found out that you can somehow configure ssl certificates in the yaml configuration file. Playing with the configs I did not manage to achieve the desired result.

yaml with ingress service configs:

apiVersion: v1
kind: Service

metadata:
  name: nginx-ingress
  annotations:
    nginx.ingress.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:acm:...
    nginx.ingress.kubernetes.io/aws-load-balancer-backend-protocol: TCP
    nginx.ingress.kubernetes.io/aws-load-balancer-ssl-ports: "https"

spec:
  type: LoadBalancer

  selector:
    name: nginx-ingress

  ports:
  - name: http
    port: 80
    targetPort: 80
    nodePort: 31823
    protocol: TCP

  - name: https
    port: 443
    targetPort: 443
    nodePort: 31822
    protocol: TCP

This is what the working settings in aws look like. How can you achieve this result through the configuration file?

enter image description here

Solution

  • The solution was to remove this line

    nginx.ingress.kubernetes.io/aws-load-balancer-backend-protocol: TCP

    And change the targetPort value of https from 443 to 80

    - name: https
  port: 443
  targetPort: 80
  nodePort: 31822
  protocol: TCP