- 设置:带有应用程序网关入口的 Azure AKS,带有注释
ssl-redirect=true - 问题:根路径没有重定向到 HTTPS。
这是我的ingress.yml:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: my-ingress
annotations:
kubernetes.io/ingress.class: azure/application-gateway
appgw.ingress.kubernetes.io/backend-path-prefix: /
appgw.ingress.kubernetes.io/ssl-redirect: "true"
spec:
tls:
- hosts:
- my.company.com
secretName: my
rules:
- host: my.company.com
http:
paths:
- path: /*
backend:
serviceName: my-gui-svc
servicePort: 80
- path: /svc1/*
backend:
serviceName: my-svc1-svc
servicePort: 80
- path: /svc2/*
backend:
serviceName: my-svc2-svc
servicePort: 80
curl以下是来自其中一条非根路由的响应:
C:\>curl http://my.company.com/svc1/
<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>Microsoft-Azure-Application-Gateway/v2</center>
</body>
</html>
这是根规则:
C:\>curl http://my.company.com/foo
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8">
...
我也尝试改变规则列出的顺序,例如将根路径放在最后,但并没有什么不同。
其结果如下kubectl describe ingress:
C:\>kubectl describe ingress
Name: my-ingress
Namespace: default
Address:
Default backend: default-http-backend:80 (<none>)
TLS:
my terminates my.company.com
Rules:
Host Path Backends
---- ---- --------
my.company.com
/* my-gui-svc:80 (10.0.0.28:80)
/svc1/* my-svc1-svc:80 (10.0.0.61:80)
/svc2/* my-svc2-svc:80 (10.0.0.77:80)
Annotations:
appgw.ingress.kubernetes.io/backend-path-prefix: /
appgw.ingress.kubernetes.io/ssl-redirect: true
kubectl.kubernetes.io/last-applied-configuration: {"apiV...
kubernetes.io/ingress.class: azure/application-gateway
Events: <none>
此外,当我在 Azure 门户中检查规则时,我看到的内容如下:
(出于安全考虑,图片中的名称/站点字符串已被修改)
我究竟做错了什么?