Redirect Traffic from HTTP to HTTPS¶
You can use the alb.ingress.kubernetes.io/ssl-redirect
annotation to setup an ingress to redirect http traffic to https
Example Ingress Manifest¶
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
namespace: default
name: ingress
annotations:
kubernetes.io/ingress.class: alb
alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-west-2:xxxx:certificate/xxxxxx
alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]'
alb.ingress.kubernetes.io/ssl-redirect: '443'
spec:
rules:
- http:
paths:
- path: /users/*
pathType: ImplementationSpecific
backend:
serviceName: user-service
servicePort: 80
- path: /*
pathType: ImplementationSpecific
backend:
serviceName: default-service
servicePort: 80
Note
alb.ingress.kubernetes.io/listen-ports
annotation must at least include [{"HTTP": 80}, {"HTTPS":443}] to listen on 80 and 443.alb.ingress.kubernetes.io/certificate-arn
annotation must be set to allow listen for HTTPS traffic- the ssl-redirect port must appear in the listen-port annotation, and must be an HTTPS port
How it works¶
If you enable SSL redirection, the controller configures each HTTP listener with a default action to redirect to HTTPS. The controller does not add any other rules to the HTTP listener.
For the above example, the HTTP listener on port 80 will have a single default rule to redirect traffic to HTTPS on port 443.