我为提供 SSL 证书的 GKE 集群创建了一个入口。现在该入口提供两个 IP 地址,一个是 HTTP,端口为 :80,另一个是 HTTPS,端口为 443。问题是,当访问 HTTPS 时,它仍然显示不安全。我创建了这个图表来解释我的架构。非常感谢您的任何建议。 https://docs.google.com/drawings/d/1JLTlIFwwxNN7NK66dxM6rqhIOUQukVuFvMTRx7UGPK4/edit
这里是 YAML
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/backends: '{"k8s-be-XXXXX--XXXXXXXXXXXXXXXX":"HEALTHY"}'
ingress.kubernetes.io/forwarding-rule: k8s-fw-XXXXXXXXXXXXXXXX-XXXXXXXXXXXXXXXX-ingress--XXXXXXXXXXXXXXXX
ingress.kubernetes.io/https-forwarding-rule: k8s-fws-XXXXXXXXXXXXXXXX-XXXXXXXXXXXXXXXX-ingress--XXXXXXXXXXXXXXXX
ingress.kubernetes.io/https-target-proxy: k8s-tps-XXXXXXXXXXXXXXXX-XXXXXXXXXXXXXXXX-ingress--XXXXXXXXXXXXXXXX
ingress.kubernetes.io/ssl-cert: k8s-ssl-XXXXXXXXXXXXXXXX-XXXXXXXXXXXXXXXX--XXXXXXXXXXXXXXXX
ingress.kubernetes.io/static-ip: k8s-fw-XXXXXXXXXXXXXXXX-XXXXXXXXXXXXXXXX-ingress--XXXXXXXXXXXXXXXX
ingress.kubernetes.io/target-proxy: k8s-tp-XXXXXXXXXXXXXXXX-XXXXXXXXXXXXXXXX-ingress--XXXXXXXXXXXXXXXX
ingress.kubernetes.io/url-map: k8s-um-XXXXXXXXXXXXXXXX-XXXXXXXXXXXXXXXX-ingress--XXXXXXXXXXXXXXXX
creationTimestamp: "2020-10-14T05:58:37Z"
finalizers:
- networking.gke.io/ingress-finalizer
generation: 1
name: XXXXXXXXXXXXXXXX-ingress
namespace: XXXXXXXXXXXXXXXX
resourceVersion: "XXXXXXXXXXXXXXXX"
selfLink: /apis/extensions/v1beta1/namespaces/XXXXXXXXXXXXXXXX/ingresses/XXXXXXXXXXXXXXXX-ingress
uid: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
spec:
backend:
serviceName: XXXXXXXXXXXXXXXX-service
servicePort: 80
tls:
- secretName: XXXXXXXXXXXXXXXX-certificate
status:
loadBalancer:
ingress:
- ip: XXXXXXXXXXXXXXXX
答案1
将其作为社区答案发布,并附上我们评论的摘要,以便更好地展示。
问题
Https 无法在带有 gke ingress 的 gke 上运行。
解决方案
这里的答案就是等待,因为负载平衡器可能需要几分钟才能正常工作。
正如 @robimalco 所提到的
我不得不等了几分钟才终于有了 HTTPS。这是教程我跟着
这也正是上述教程第 3 点所指出的。
注意:负载平衡器可能需要最多 10-20 分钟才能开始运行。