如何创建HELM https服务? [英] How can I create a HELM https service?
问题描述
我打开Visual Studio 2019并创建一个新项目(用于kubernetes的容器应用程序).我勾选启用https支持,然后在Visual Studio中开始调试时打勾.我可以浏览到https地址.
I open Visual Studio 2019 and create a new project (Container application for kubernetes). I tick enable https support and then when I start debugging in Visual Studio; I can browse to the https address.
然后我尝试进一步.我在开发PC上的Docker Desktop中启用了Kubernetes,并按照以下说明进行操作(在打开所有.yaml文件并将所有https的引用更改为http并将所有端口80的引用更改为端口443之后):
I then try to go one step further. I have Kubernetes enabled in Docker Desktop on my development PC and follow these instructions (after opening all the .yaml files and changing all references of https to http and all references of port 80 to port 443):
1) cd C:\mvcsecure
2) docker build -t mvcsecure:stable -f c:\mvcsecure\mvcsecure\Dockerfile .
3) cd c:\mvcsecure\mvcsecure\charts
4) helm install mvcsecure ./mvcsecure/
5) kubectl expose deployment mvcsecure --type=NodePort --name=mvcsecure-service
6) kubectl get service
mvcsecure-service NodePort 10.96.128.133 <none> 443:31577/TCP 6s
7) I then try to browse to: https://localhost:31577 and it says:
Cannot securely connect to this page
请注意,没有选项可以信任证书或其他任何内容.
Notice there is no option to trust a certificate or anything.
我必须对Visual Studio创建的默认Helm图表进行哪些更改,以使https在基本服务上正常工作?我在网上找不到任何文档或示例.看到使用Helm部署到Kubernetes的https服务(mvc或api)的示例,将是很棒的.如果需要,我可以发布.yaml文件代码,但是有很多.
What changes must I make to the default Helm charts created by Visual Studio to get https working on my basic service? I cannot find any documentation or examples online. It would be great to see an example of a https service (mvc or api) deployed to Kubernetes using Helm. I could post the .yaml file code if needed,, however there is a lot of it.
我想按此处所述使用kubernetes集群根证书:如何通过https访问kubernetes服务?
I am wanting to use kubernetes cluster root certificate as described here: How to access a kubernetes service through https?
我已经检查了"Internet选项"中所有的TLS和SSL选项是否已勾选.
I have checked that all TLS and SSL options are ticked in Internet Options.
推荐答案
如果您的应用程序接受HTTP流量并且您想要进行安全(HTTPS);我建议尝试通过Kubernetes入口尝试 TLS终止.
In case when Your application accepts HTTP traffic and You want to make is secure (HTTPS); I suggest to try TLS termination with kubernetes ingress.
Kubernetes 文档很好地解释了如何配置TLS终止.使用入口对象,您可以使HTTP服务可以从集群外部通过HTTPS访问.
Kubernetes documentation has great explanation how to configure TLS termination. With ingress object You can make Your HTTP service be accessible via HTTPS from outside of the cluster.
这意味着与服务建立的连接将在群集中从内部进行一次HTTPS解密,并解密为HTTP.
This means that connections made to service will be made in HTTPS and get decrypted to HTTP once internally in Your cluster before reaching the service.
希望有帮助.
这篇关于如何创建HELM https服务?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
