By Andre Aliaman, independent IT consultant.
In this article, I'm going to share how I set up my first services on Alibaba Cloud Container Service for Kubernetes to redirect HTTP to HTTPS.
Just by reading Alibaba Cloud's official documentation, you can find the settings for some interesting configurations, which really shows off the flexibility of Alibaba Cloud Container Service for Kubernetes. Container Service offers support for several configurations, including using an NGINX ingress controller. But, my curiosity didn't end there. I wanted to set up HTTP to HTTPS redirection for my services.
For more things you can change and configure with Container Service, check out this document. It shows how you can use Alibaba Cloud Server Load Balancer (SLB) to access your services. This document is pretty detailed and covers a lot of things. Or, you can wait for me to cover this and other similar topics in later blog posts in the future.
When I create my first clusters in Alibaba Cloud Container Service, I saw in the control panel that my clusters were already supporting the official ingress controller. All I needed to do was activate the ingress controller. For some reference, check out this image below:
Note: At the time of writing this article, only managed and dedicated clusters support this mode. However, this may change in the future.
After that, you can finish your setup and wait until everything has been settled, then you'll be ready for creating your first services at your new cluster. As the first step to setting up HTTP to HTTPS redirection, what you need is to have two YAML files. The first of these files is for deployment. In this file, you'll need to define your deployment name, label, metadata, and how many containers you'll need, as well as the container images you want to use. And when it comes to images, You can use your images or use NGINX official images (for testing purposes) like what I did below:
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: your-deployment-name
namespace: default
labels:
app: your-label-for-deployment
spec:
replicas: 1
selector:
matchLabels:
app: your-container-name-label
template:
metadata:
labels:
app: your-container-name-label
spec:
containers:
- name: your-container-name
image: nginx or your-images
imagePullPolicy: Always
ports:
- containerPort: 80
name: service-portIf you want to use your own image, you can use the example YAML above and change it accordingly with your needs. The second YAML file you need to create is for services. The interesting part here is you can use Alibaba Cloud annotations directly in this YAML file. See the example below:
apiVersion: v1
kind: Service
metadata:
annotations:
service.beta.kubernetes.io/alibaba-cloud-loadbalancer-protocol-port: "https:443,http:80"
service.beta.kubernetes.io/alibaba-cloud-loadbalancer-cert-id: YOUR_CERT_ID
service.beta.kubernetes.io/alibaba-cloud-loadbalancer-forward-port: "80:443"
name: YOUR-KUBERNETES-SERVICE
namespace: default
spec:
ports:
- name: https
port: 443
protocol: TCP
targetPort: service-port
- name: http
port: 80
protocol: TCP
targetPort: service-port
selector:
run: YOUR_PODS_LABEL
type: LoadBalancerAfter creating the two files, you can start to implement them with this command kubectl apply -f<name-of-your-deployment-yaml and then use kubectl apply -f<name-of-your-service-yaml command, too, and last you will be able to see your new services by using the kubectl get svc command.
Now when it comes to verifying everything, you can do the following. Copy the EXTERNAL-IP for your services paste it into a browser window. If you use NGNIX official images like me, you'll have a result like this:
So, if everything went smoothly, you should be done. You have your first simple services that can be automatically accessed to HTTPS encryption.
As detailed in the page I linked above, Alibaba Cloud Container Service and Server Load Balancer itself has many other options and configuration settings you can play with. The document I shared above provides several options so that you can customize the settings of your services using Container Service to your exact needs. I'll share my configuration set up in a future post.
How to Install Linux, Apache, and PHP(LAP) Stack on ECS using Ansible only with 3 steps
Alibaba Clouder - March 1, 2019
Teddy.Sun - February 3, 2021
Alibaba Cloud Native - August 9, 2023
Alibaba Clouder - January 22, 2018
Alibaba Container Service - January 26, 2022
Hironobu Ohara - June 26, 2023
Server Load Balancer
Respond to sudden traffic spikes and minimize response time with Server Load Balancer
Learn More
ApsaraDB for MyBase
ApsaraDB Dedicated Cluster provided by Alibaba Cloud is a dedicated service for managing databases on the cloud.
Learn More
HTTPDNS
HTTPDNS is a domain name resolution service for mobile clients. It features anti-hijacking, high accuracy, and low latency.
Learn More
Container Service for Kubernetes
Alibaba Cloud Container Service for Kubernetes is a fully managed cloud container management service that supports native Kubernetes and integrates with other Alibaba Cloud products.
Learn More