about summary refs log tree commit diff
path: root/infra/kubernetes/https-lb
diff options
context:
space:
mode:
authorVincent Ambo <tazjin@google.com>2019-08-27T11·44+0100
committerVincent Ambo <tazjin@google.com>2019-08-27T11·44+0100
commita58af3e371591ed7a7015350512ca46accbf37d6 (patch)
tree23ba45d54a9ef90e75fbe1847a513a421f04ef17 /infra/kubernetes/https-lb
parentcae99692de34a9d7600adb2fa7bb88436a332ff6 (diff)
feat(k8s): Configure HTTPS ingress for the blog r/67
Uses Google-managed certificates and an Ingress resource to set up an
HTTPS load-balancer.

This probably won't be the final version as the GKE Ingress is very
limited and can not do things like redirect URLs, which I need to
decommission the old setup.
Diffstat (limited to 'infra/kubernetes/https-lb')
-rw-r--r--infra/kubernetes/https-lb/ingress.yaml15
1 files changed, 15 insertions, 0 deletions
diff --git a/infra/kubernetes/https-lb/ingress.yaml b/infra/kubernetes/https-lb/ingress.yaml
new file mode 100644
index 000000000000..5afb5f3a48e1
--- /dev/null
+++ b/infra/kubernetes/https-lb/ingress.yaml
@@ -0,0 +1,15 @@
+# This resource configures the HTTPS load balancer that is used as the
+# entrypoint to all HTTPS services running in the cluster.
+---
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: https-ingress
+  annotations:
+    networking.gke.io/managed-certificates: tazj-in, www-tazj-in
+spec:
+  # Default traffic is routed to the blog, in case people go to
+  # peculiar hostnames.
+  backend:
+    serviceName: tazblog
+    servicePort: 8000