openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity
Files
13e78c2b320570037fd9f41ea46dd9ce69f403bd
openshift-docs/modules/adding-tls-termination.adoc
Jessi Manthei 13e78c2b32 OSDOCS-12759 the ALBO docs restructure
2024-12-14 03:12:43 +00:00

64 lines
2.0 KiB
Plaintext
Raw Blame History

// Module included in the following assemblies:
//
// * networking/networking_operators/aws_load_balancer_operator/configuring-aws-load-balancer-operator.adoc
:_mod-docs-content-type: PROCEDURE
[id="nw-adding-tls-termination_{context}"]
= Adding TLS termination on the AWS Load Balancer
You can route the traffic for the domain to pods of a service and add TLS termination on the AWS Load Balancer.
.Prerequisites
* You have an access to the OpenShift CLI (`oc`).
.Procedure
. Create a YAML file that defines the `AWSLoadBalancerController` resource:
+
.Example `add-tls-termination-albc.yaml` file
[source,yaml]
----
apiVersion: networking.olm.openshift.io/v1
kind: AWSLoadBalancerController
metadata:
name: cluster
spec:
subnetTagging: Auto
ingressClass: tls-termination <1>
----
<1> Defines the ingress class name. If the ingress class is not present in your cluster the AWS Load Balancer Controller creates one. The AWS Load Balancer Controller reconciles the additional ingress class values if `spec.controller` is set to `ingress.k8s.aws/alb`.
. Create a YAML file that defines the `Ingress` resource:
+
.Example `add-tls-termination-ingress.yaml` file
[source,yaml]
----
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: <example> <1>
annotations:
alb.ingress.kubernetes.io/scheme: internet-facing <2>
alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-west-2:xxxxx <3>
spec:
ingressClassName: tls-termination <4>
rules:
- host: example.com <5>
http:
paths:
- path: /
pathType: Exact
backend:
service:
name: <example_service> <6>
port:
number: 80
----
<1> Specifies the ingress name.
<2> The controller provisions the load balancer for ingress in a public subnet to access the load balancer over the internet.
<3> The Amazon Resource Name (ARN) of the certificate that you attach to the load balancer.
<4> Defines the ingress class name.
<5> Defines the domain for traffic routing.
<6> Defines the service for traffic routing.
View Git Blame Copy Permalink