Traefik https重定向(通过kubernetes部署)

时间:2017-07-05 00:39:35

标签: kubernetes traefik

我通过kubernetes在AWS上运行traefik。这一切都有效,除了我的http => https重定向配置。

我有以下.toml文件

defaultEntryPoints = ["http", "https"]

[entryPoints]
  [entryPoints.http]
  address = ":80"
    [entryPoints.http.redirect]
      entryPoint = "https"

使用下面的Kubernetes部署+服务配置。

https请求工作文件,但http请求返回:

> curl http://www.myserver.com
curl: (52) Empty reply from server

Kubernetes配置文件:

kind: Deployment
apiVersion: extensions/v1beta1
metadata:
  name: traefik-proxy
  labels:
    app: traefik-proxy
    tier: proxy
spec:
  replicas: 1
  selector:
    matchLabels:
      app: traefik-proxy
      tier: proxy
  template:
    metadata:
      labels:
        app: traefik-proxy
        tier: proxy
    spec:
      terminationGracePeriodSeconds: 60

      # kubectl create configmap traefik-conf --from-file=./conf/k8s/traefik.toml
      volumes:
      - name: config
        configMap:
          name: traefik-conf

      containers:
      - image: traefik:v1.2.0-rc1-alpine
        name: traefik-proxy
        resources:
          limits:
            cpu: "200m"
            memory: "30Mi"
          requests:
            cpu: "100m"
            memory: "20Mi"
        volumeMounts:
        - mountPath: "/conf"
          name: config
        ports:
        - containerPort: 80
          hostPort: 80
          name: traefik-proxy
        - containerPort: 8080
          name: traefik-ui
        args:
        - --configFile=/conf/traefik.toml
        - --kubernetes
        - --web
---
apiVersion: v1
kind: Service
metadata:
  name: traefik-proxy
  annotations:
    # SSL certificate.
    # https://console.aws.amazon.com/acm (alienlabs.io)
    service.beta.kubernetes.io/aws-load-balancer-ssl-cert: "arn:aws:acm:us-east-1:861694698401:certificate/28204a9f-69ec-424d-8f56-ac085b7bdad8"
    service.beta.kubernetes.io/aws-load-balancer-backend-protocol: "http"
spec:
  type: LoadBalancer
  selector:
    app: traefik-proxy
    tier: proxy
  ports:
  - port: 80
    targetPort: 80
    name: http
  - port: 443
    targetPort: 80
    name: https

2 个答案:

答案 0 :(得分:0)

您想要略微区分您的EntryPoints:

defaultEntryPoints = ["http","https"]
[entryPoints]
  [entryPoints.http]
  address = ":80"
    [entryPoints.http.redirect]
    regex = "^http://(.*)"
    replacement = "https://$1"
  [entryPoints.https]
  address = ":443"

答案 1 :(得分:0)

我的traefik.toml配置类似于Corey,但更简单一些。它适用于httphttps的全方位重定向。

defaultEntryPoints = ["http","https"]
[entryPoints]
  [entryPoints.http]
  address = ":80"
    [entryPoints.http.redirect]
      entryPoint = "https"
  [entryPoints.https]
  address = ":443"
相关问题
最新问题