Home > Back-end >  Kubernetes ingress hsts not enabled
Kubernetes ingress hsts not enabled

Time:01-19

my current ingress configuration is:

apiVersion: "networking.k8s.io/v1"
kind: "Ingress"
metadata:
  name: "app-ingress"
  annotations:
    kubernetes.io/ingress.global-static-ip-name: "app-external-ip"
    kubernetes.io/ingress.class: "gce"
spec:
  tls:
    - hosts:
        - "example.app"
      secretName: "app-tls"
  rules:
    - host: "example.app"
      http:
        paths:
          - path: "/"
            pathType: "Prefix"
            backend:
              service:
                name: "app-service"
                port:
                  number: 80

now i struggle with not HSTS enabled. I can enter example.app with http and https protocol, but i want to strict it to https only. I tried:

  • using nginx.ingress.kubernetes.io/force-ssl-redirect: "true" - still http available
  • using kubernetes.io/ingress.allow-http: "false" - creates google managed certificate (im using self signed one app-tls) which makes ssl cert error in browser. I'm pretty sure second one should be the option and i'm doing something wrong or misconfigure something.

CodePudding user response:

Your ingress class is GCE and might be using the GCE ingress so Nginx annotation should not work.

So you have to create the

apiVersion: networking.gke.io/v1beta1
kind: FrontendConfig
metadata:
  name: my-frontend-config
spec:
  redirectToHttps:
    enabled: true
    responseCodeName: MOVED_PERMANENTLY_DEFAULT

Read more at : Doc ref

Page link:https//www.codepudding.com/Backend/676656.html

Prev:How do you find the alphabetically last letter of a string using recursion (no loops!) and without u
Next:How to return enumerable with enumerable and with model?
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding