我已将AWS ACM提供的SSL证书附加到NLB。NLB将请求转发到nginx入口。Nginx给了我以下错误。CCD_ 1。我在nginxingress中设置了以下注释。
- nginx.ingress.kubernetes.io/force-sl-redirect:false
- nginx.ingress.kubernetes.io/sl-redirect:false
我在运行在NLB后面的nginx入口服务中设置了以下注释。
- service.beta.kubernetes.io/aws-load-balancer-backend协议:http
- service.beta.kubernetes.io/aws-load-balancer-ssl-cert:";证书arn">
- service.beta.kubernetes.io/aws-load-balancer-ssl-ports:https
- service.beta.kubernetes.io/aws-load-balancer-type:nlb
对于此错误:
纯HTTP请求被发送到HTTPS端口
在Nginx服务中更改端口配置,例如,HTTPS部分中的目标端口应为http,而不是HTTPS
ports:
- name: https
**targetPort: http**
此处为注释以供参考
service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp
service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: "60"
service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: "true"
service.beta.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:acm:ap-southeast-1:xxxxxxx:certificate/8991ftt8-69e0-4e7d-1164-yy0aae19da90v
service.beta.kubernetes.io/aws-load-balancer-type: nlb