1 | initial version |
SSL passthrough can be implemented with Traefik in Kubernetes by following these steps:
- --entrypoints.web.http.redirections.entryPoint.to=websecure
- --entrypoints.web.http.redirections.entryPoint.scheme=https
- --entrypoints.websecure.address=:443
apiVersion: v1
kind: Service
metadata:
name: my-service
annotations:
traefik.frontend.passHostHeader: "true"
spec:
selector:
app: my-app
ports:
- name: https
port: 443
protocol: TCP
targetPort: 443
- --tcp.services=my-service
- --tcp.routers=my-service
- --tcp.routers.my-service.entrypoints=websecure
- --tcp.routers.my-service.rule=HostSNI(`mydomain.com`)
- --tcp.services.my-service.loadBalancer.server.port=443
Replace mydomain.com
with the domain name used for SSL connections to the service.
After completing these steps, Traefik will pass SSL traffic through to the Kubernetes service without terminating the SSL connection.