diff options
author | Vincent Ambo <tazjin@google.com> | 2019-08-27T11·44+0100 |
---|---|---|
committer | Vincent Ambo <tazjin@google.com> | 2019-08-27T11·44+0100 |
commit | a58af3e371591ed7a7015350512ca46accbf37d6 (patch) | |
tree | 23ba45d54a9ef90e75fbe1847a513a421f04ef17 /infra/kubernetes/https-lb | |
parent | cae99692de34a9d7600adb2fa7bb88436a332ff6 (diff) |
feat(k8s): Configure HTTPS ingress for the blog r/67
Uses Google-managed certificates and an Ingress resource to set up an HTTPS load-balancer. This probably won't be the final version as the GKE Ingress is very limited and can not do things like redirect URLs, which I need to decommission the old setup.
Diffstat (limited to 'infra/kubernetes/https-lb')
-rw-r--r-- | infra/kubernetes/https-lb/ingress.yaml | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/infra/kubernetes/https-lb/ingress.yaml b/infra/kubernetes/https-lb/ingress.yaml new file mode 100644 index 000000000000..5afb5f3a48e1 --- /dev/null +++ b/infra/kubernetes/https-lb/ingress.yaml @@ -0,0 +1,15 @@ +# This resource configures the HTTPS load balancer that is used as the +# entrypoint to all HTTPS services running in the cluster. +--- +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: https-ingress + annotations: + networking.gke.io/managed-certificates: tazj-in, www-tazj-in +spec: + # Default traffic is routed to the blog, in case people go to + # peculiar hostnames. + backend: + serviceName: tazblog + servicePort: 8000 |