Redirecting HTTP to HTTPS Using a Kubernetes Ingress Controller on Amazon EKS
Redirecting HTTP to HTTPS Using a Kubernetes Ingress Controller on Amazon EKS
In the world of web applications, security is paramount. One of the most fundamental ways to ensure this is by redirecting HTTP traffic to HTTPS. This blog post will guide you through the process of setting up an HTTP to HTTPS redirection using a Kubernetes Ingress Controller on Amazon Elastic Kubernetes Service (EKS).
Prerequisites
Before we dive in, ensure you have the following:
- An Amazon EKS cluster up and running.
kubectlandawsCLI installed and configured.- A domain name registered and hosted on Amazon Route 53.
- An SSL certificate for your domain on AWS Certificate Manager (ACM).
Step 1: Install the NGINX Ingress Controller
First, we need to install the NGINX Ingress Controller. This controller is a type of Kubernetes Ingress, which manages external access to services in a cluster.
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.48.1/deploy/static/provider/aws/deploy.yaml
Step 2: Verify the Installation
Confirm that the NGINX Ingress Controller is running:
kubectl get pods -n ingress-nginx \
-l app.kubernetes.io/name=ingress-nginx --watch
Step 3: Configure the Ingress Resource
Next, we’ll configure the Ingress resource to use the SSL certificate and enable HTTP to HTTPS redirection. Create a new file ingress.yaml:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: my-ingress
annotations:
kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/use-regex: "true"
cert-manager.io/cluster-issuer: "letsencrypt-prod"
spec:
tls:
- hosts:
- mydomain.com
secretName: mydomain-tls
rules:
- host: mydomain.com
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: my-service
port:
number: 80
Replace mydomain.com with your domain and my-service with your service name.
Step 4: Apply the Ingress Resource
Apply the Ingress resource configuration:
kubectl apply -f ingress.yaml
Step 5: Update DNS Records
Finally, update your DNS records in Route 53 to point your domain to the Ingress Controller’s LoadBalancer URL.
ELB=$(kubectl get svc -n ingress-nginx \
-o jsonpath='{.status.loadBalancer.ingress[0].hostname}')
aws route53 change-resource-record-sets --hosted-zone-id /hostedzone/YOUR_HOSTED_ZONE_ID \
--change-batch '{
"Changes": [
{
"Action": "UPSERT",
"ResourceRecordSet": {
"Name": "mydomain.com",
"Type": "A",
"AliasTarget":{
"HostedZoneId": "Z32O12XQLNTSW2",
"DNSName": "'$ELB'",
"EvaluateTargetHealth": false
}
}
}
]
}'
Replace YOUR_HOSTED_ZONE_ID with your Route 53 hosted zone ID and mydomain.com with your domain.
Conclusion
Congratulations! You’ve successfully set up HTTP to HTTPS redirection using a Kubernetes Ingress Controller on Amazon EKS. This setup not only secures your web applications but also improves your SEO ranking as search engines favor HTTPS websites.
Remember, security is a continuous process. Always stay updated with the latest practices and tools to keep your applications secure.
References
Keywords: Kubernetes, Ingress Controller, Amazon EKS, HTTP to HTTPS, NGINX, AWS, Route 53, SSL, ACM, SEO, Web Security
About Saturn Cloud
Saturn Cloud is your all-in-one solution for data science & ML development, deployment, and data pipelines in the cloud. Spin up a notebook with 4TB of RAM, add a GPU, connect to a distributed cluster of workers, and more. Join today and get 150 hours of free compute per month.
