By Andre Aliaman, independent IT consultant.
In this article, I'm going to share how I set up my first services on Alibaba Cloud Container Service for Kubernetes to redirect HTTP to HTTPS.
Just by reading Alibaba Cloud's official documentation, you can find the settings for some interesting configurations, which really shows off the flexibility of Alibaba Cloud Container Service for Kubernetes. Container Service offers support for several configurations, including using an NGINX ingress controller. But, my curiosity didn't end there. I wanted to set up HTTP to HTTPS redirection for my services.
For more things you can change and configure with Container Service, check out this document. It shows how you can use Alibaba Cloud Server Load Balancer (SLB) to access your services. This document is pretty detailed and covers a lot of things. Or, you can wait for me to cover this and other similar topics in later blog posts in the future.
When I create my first clusters in Alibaba Cloud Container Service, I saw in the control panel that my clusters were already supporting the official ingress controller. All I needed to do was activate the ingress controller. For some reference, check out this image below:
Note: At the time of writing this article, only managed and dedicated clusters support this mode. However, this may change in the future.
After that, you can finish your setup and wait until everything has been settled, then you'll be ready for creating your first services at your new cluster. As the first step to setting up HTTP to HTTPS redirection, what you need is to have two YAML files. The first of these files is for deployment. In this file, you'll need to define your deployment name, label, metadata, and how many containers you'll need, as well as the container images you want to use. And when it comes to images, You can use your images or use NGINX official images (for testing purposes) like what I did below:
--- apiVersion: apps/v1 kind: Deployment metadata: name: your-deployment-name namespace: default labels: app: your-label-for-deployment spec: replicas: 1 selector: matchLabels: app: your-container-name-label template: metadata: labels: app: your-container-name-label spec: containers: - name: your-container-name image: nginx or your-images imagePullPolicy: Always ports: - containerPort: 80 name: service-port
If you want to use your own image, you can use the example YAML above and change it accordingly with your needs. The second YAML file you need to create is for services. The interesting part here is you can use Alibaba Cloud annotations directly in this YAML file. See the example below:
apiVersion: v1 kind: Service metadata: annotations: service.beta.kubernetes.io/alibaba-cloud-loadbalancer-protocol-port: "https:443,http:80" service.beta.kubernetes.io/alibaba-cloud-loadbalancer-cert-id: YOUR_CERT_ID service.beta.kubernetes.io/alibaba-cloud-loadbalancer-forward-port: "80:443" name: YOUR-KUBERNETES-SERVICE namespace: default spec: ports: - name: https port: 443 protocol: TCP targetPort: service-port - name: http port: 80 protocol: TCP targetPort: service-port selector: run: YOUR_PODS_LABEL type: LoadBalancer
After creating the two files, you can start to implement them with this command
kubectl apply -f<name-of-your-deployment-yaml and then use
kubectl apply -f<name-of-your-service-yaml command, too, and last you will be able to see your new services by using the
kubectl get svc command.
Now when it comes to verifying everything, you can do the following. Copy the
EXTERNAL-IP for your services paste it into a browser window. If you use NGNIX official images like me, you'll have a result like this:
So, if everything went smoothly, you should be done. You have your first simple services that can be automatically accessed to HTTPS encryption.
As detailed in the page I linked above, Alibaba Cloud Container Service and Server Load Balancer itself has many other options and configuration settings you can play with. The document I shared above provides several options so that you can customize the settings of your services using Container Service to your exact needs. I'll share my configuration set up in a future post.
Teddy.Sun - February 3, 2021
Alibaba Clouder - March 1, 2019
Alibaba Clouder - January 22, 2018
francisndungu - February 24, 2020
Alibaba Clouder - October 25, 2019
Alibaba Clouder - December 6, 2017
Respond to sudden traffic spikes and minimize response time with Server Load BalancerLearn More
ApsaraDB Dedicated Cluster provided by Alibaba Cloud is a dedicated service for managing databases on the cloud.Learn More
An online computing service that offers elastic and secure virtual cloud servers to cater all your cloud hosting needs.Learn More
A secure image hosting platform providing containerized image lifecycle managementLearn More