SSL passthrough can be implemented with Traefik in Kubernetes by following these steps:
- --entrypoints.web.http.redirections.entryPoint.to=websecure
- --entrypoints.web.http.redirections.entryPoint.scheme=https
- --entrypoints.websecure.address=:443
apiVersion: v1
kind: Service
metadata:
name: my-service
annotations:
traefik.frontend.passHostHeader: "true"
spec:
selector:
app: my-app
ports:
- name: https
port: 443
protocol: TCP
targetPort: 443
- --tcp.services=my-service
- --tcp.routers=my-service
- --tcp.routers.my-service.entrypoints=websecure
- --tcp.routers.my-service.rule=HostSNI(`mydomain.com`)
- --tcp.services.my-service.loadBalancer.server.port=443
Replace mydomain.com
with the domain name used for SSL connections to the service.
After completing these steps, Traefik will pass SSL traffic through to the Kubernetes service without terminating the SSL connection.
Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss
Asked: 2022-09-22 11:00:00 +0000
Seen: 18 times
Last updated: Nov 22 '21