I am not able to redirect traffic from http to https in my EKS service.
apiVersion: v1
kind: Service
metadata:
labels:
app: ledger-admin
name: ledger-admin
annotations:
service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http
service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "https"
service.beta.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:acm:us-east-1:52943:certificate/01143f-XXX
service.beta.kubernetes.io/aws-load-balancer-name: admin-test-com
external-dns.alpha.kubernetes.io/hostname: admin.test.com
alb.ingress.kubernetes.io/ssl-redirect: '443'
spec:
ports:
- name: http
port: 80
targetPort: 80
- name: https
port: 443
targetPort: 80
selector:
app: ledger-admin
type: LoadBalancer
I tried adding the annotation
alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}'
but it also didnt work. When i enter https://admin.test.com directly in address bar its working fine.
K8s Service does not have redirection functionality. it is designed to provide a static IP (or, cluster IP level) to the pods who has ephemeral IP. It allows pods to have service discovery functionality in the cluster. A Kubernetes service is private to the cluster. This means only applications inside the cluster can access them. There are a number of ways around this, and one of the best is an ingress.
Read more here: https://kubernetes.io/docs/concepts/services-networking/service/
Using the Ingress resource, you just do "alb.ingress.kubernetes.io/ssl-redirect" = "443"