https://pulumi.com logo
Powered by
Title
s

salmon-ghost-86211

02/20/2020, 4:24 PM
I have created an Ingress using the following code. The cluster is defined elsewhere. 
import * as k8s from "@pulumi/kubernetes";

const httpsIngressResource = new k8s.extensions.v1beta1.Ingress(
    "rwingress",
    {
        metadata: {
            namespace: "platform",
            annotations: {
                "<http://kubernetes.io/ingress.class|kubernetes.io/ingress.class>": "alb",
                "<http://alb.ingress.kubernetes.io/scheme|alb.ingress.kubernetes.io/scheme>": "internet-facing",
                "<http://alb.ingress.kubernetes.io/certificate-arn|alb.ingress.kubernetes.io/certificate-arn>": "arn:aws:acm:us-east-1:111111111111:certificate/12345678-90ab-cdef-1234-567890abcdef",
                "<http://alb.ingress.kubernetes.io/aws-load-balancer-backend-protocol|alb.ingress.kubernetes.io/aws-load-balancer-backend-protocol>": "http",
                "<http://alb.ingress.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled|alb.ingress.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled>": "true",
                "<http://alb.ingress.kubernetes.io/aws-load-balancer-ssl-ports|alb.ingress.kubernetes.io/aws-load-balancer-ssl-ports>": "https"
            },
            labels: { app: "rw" }
        },
        spec: {
            rules: [
                {
                    http: {
                        paths: [
                            {
                                path: "/admin*",
                                backend: { serviceName: "rec-app", servicePort: 80 }
                            },
                            {
                                path: "/*",
                                backend: { serviceName: "rw", servicePort: 80 }
                            }
                        ]
                    }
                }
            ]
        }
    },
    { provider: cluster.provider }
);
It correctly creates an ALB with a single https/443 listener with rules that direct to new target groups pointing to the mentioned services. THE ISSUE: I can't seem to figure out how to add an http/80 listener that redirects to https/443. The api doesn't seem to allow me to add any other rules even with annotations like 
"<http://alb.ingress.kubernetes.io/aws-load-balancer-ssl-ports|alb.ingress.kubernetes.io/aws-load-balancer-ssl-ports>": "https"
removed.
Maybe I need to use 
IngressList
instead of 
Ingress
#awsJoin Slack
Powered by