×
Community Blog Setting up HTTP to HTTPS Redirection with Alibaba Cloud Container Service

Setting up HTTP to HTTPS Redirection with Alibaba Cloud Container Service

In this post, Andre details an easy way for setting up HTTP to HTTPS redirection on Alibaba Cloud with Container Service.

By Andre Aliaman, independent IT consultant.

In this article, I'm going to share how I set up my first services on Alibaba Cloud Container Service for Kubernetes to redirect HTTP to HTTPS.

Just by reading Alibaba Cloud's official documentation, you can find the settings for some interesting configurations, which really shows off the flexibility of Alibaba Cloud Container Service for Kubernetes. Container Service offers support for several configurations, including using an NGINX ingress controller. But, my curiosity didn't end there. I wanted to set up HTTP to HTTPS redirection for my services.

For more things you can change and configure with Container Service, check out this document. It shows how you can use Alibaba Cloud Server Load Balancer (SLB) to access your services. This document is pretty detailed and covers a lot of things. Or, you can wait for me to cover this and other similar topics in later blog posts in the future.

Setting up HTTP to HTTPS Redirection

When I create my first clusters in Alibaba Cloud Container Service, I saw in the control panel that my clusters were already supporting the official ingress controller. All I needed to do was activate the ingress controller. For some reference, check out this image below:

1

Note: At the time of writing this article, only managed and dedicated clusters support this mode. However, this may change in the future.

After that, you can finish your setup and wait until everything has been settled, then you'll be ready for creating your first services at your new cluster. As the first step to setting up HTTP to HTTPS redirection, what you need is to have two YAML files. The first of these files is for deployment. In this file, you'll need to define your deployment name, label, metadata, and how many containers you'll need, as well as the container images you want to use. And when it comes to images, You can use your images or use NGINX official images (for testing purposes) like what I did below:

---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: your-deployment-name
  namespace: default
  labels:
    app: your-label-for-deployment
spec:
  replicas: 1
  selector:
    matchLabels:
      app: your-container-name-label
  template:
    metadata:
      labels:
        app: your-container-name-label
    spec:
      containers:
      - name: your-container-name
        image: nginx or your-images
        imagePullPolicy: Always
        ports:
          - containerPort: 80
            name: service-port

If you want to use your own image, you can use the example YAML above and change it accordingly with your needs. The second YAML file you need to create is for services. The interesting part here is you can use Alibaba Cloud annotations directly in this YAML file. See the example below:

apiVersion: v1
kind: Service
metadata:
  annotations:
    service.beta.kubernetes.io/alibaba-cloud-loadbalancer-protocol-port: "https:443,http:80"
    service.beta.kubernetes.io/alibaba-cloud-loadbalancer-cert-id: YOUR_CERT_ID
    service.beta.kubernetes.io/alibaba-cloud-loadbalancer-forward-port: "80:443"
  name: YOUR-KUBERNETES-SERVICE
  namespace: default
spec:
  ports:
  - name: https
    port: 443
    protocol: TCP
    targetPort: service-port
  - name: http
    port: 80
    protocol: TCP
    targetPort: service-port
  selector:
    run: YOUR_PODS_LABEL
  type: LoadBalancer

After creating the two files, you can start to implement them with this command kubectl apply -f<name-of-your-deployment-yaml and then use kubectl apply -f<name-of-your-service-yaml command, too, and last you will be able to see your new services by using the kubectl get svc command.

Now when it comes to verifying everything, you can do the following. Copy the EXTERNAL-IP for your services paste it into a browser window. If you use NGNIX official images like me, you'll have a result like this:

2

So, if everything went smoothly, you should be done. You have your first simple services that can be automatically accessed to HTTPS encryption.

Some Thoughts

As detailed in the page I linked above, Alibaba Cloud Container Service and Server Load Balancer itself has many other options and configuration settings you can play with. The document I shared above provides several options so that you can customize the settings of your services using Container Service to your exact needs. I'll share my configuration set up in a future post.

0 0 0
Share on

iilness

2 posts | 0 followers

You may also like

Comments

iilness

2 posts | 0 followers

Related Products

  • Server Load Balancer

    Respond to sudden traffic spikes and minimize response time with Server Load Balancer

    Learn More
  • Server Load Balancer(SLB)

    Alibaba Cloud Server Load Balancer is built to cope with high volume traffic and each year in November is put to the test during Alibaba’s annual Global Shopping Festival. Alibaba relies on Server Load Balancer to provide uninterrupted service during the festival by switching requests between data centers and transferring transactions to the most available server.

    Learn More
  • ApsaraDB for MyBase

    ApsaraDB Dedicated Cluster provided by Alibaba Cloud is a dedicated service for managing databases on the cloud.

    Learn More
  • ECS(Elastic Compute Service)

    An online computing service that offers elastic and secure virtual cloud servers to cater all your cloud hosting needs.

    Learn More