question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

AWS Load Balancer creates port 80 and 443 both with protocol SSL

See original GitHub issue

Need to create AWS load balancer with SSL(443) and TCP(80) but creates SSL(443) and SSL(80) A clear and concise description of what the bug is.

YAML file used to reproduce

apiVersion: v1
kind: Service
metadata:
  labels:
    service: ambassador
  name: ambassador
  annotations:
    service.beta.kubernetes.io/aws-load-balancer-ssl-cert: "arn:aws:acm:ap-southeast-1:123123123:certificate/443abcde-cfgh-klmn-6789-b9876ab01c67"
    service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "*"
    service.beta.kubernetes.io/aws-load-balancer-backend-protocol: "tcp"
    service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: "true"
    service.beta.kubernetes.io/aws-load-balancer-proxy-protocol: "*"
    getambassador.io/config: |
      ---
      apiVersion: ambassador/v0
      kind:  Module
      name:  tls
      config:
        server:
          enabled: True
          redirect_cleartext_from: 80
      ---
      apiVersion: ambassador/v0
      kind:  Mapping
      name:  frontend-web_mapping
      prefix: /
      service: frontend-web:3000
spec:
  type: LoadBalancer
  ports:
  - name: ambassador-http
    port: 80
    targetPort: 80
  - name: ambassador-https
    port: 443
    targetPort: 443
  selector:
    service: ambassador

Expected behavior Need to either have a way to specify protocols for AWS Load Balancer listeners protocols or should specify protocols correctly

How do I make sure that the global redirection works from 80 to 443 and also listeners are created on load balancers with correct protocols and ports?

Issue Analytics

  • State:closed
  • Created 5 years ago
  • Comments:7

github_iconTop GitHub Comments

1reaction
dpankroscommented, Nov 23, 2018

@krish512 To my knowledge, you can only create ELBs (classic) or NLBs through kubernetes annotations. Specifically, the value of service.beta.kubernetes.io/aws-load-balancer-type controls the type of load balancer.

  1. If you don’t specify a value, an ELB (classic LB) is created.
  2. If you specify a value of nlb an NLB is created.
  3. any other value will not be accepted. Thus, for now, albs are not supported. Maybe sometime in the future.

Of course, you could create one manually, but if ports or hosts ever change, you’d be left to manually update them which, IMHO, is just asking for trouble.

1reaction
joseguerrerocommented, Nov 19, 2018

@dpankros I can confirm that service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "443" solves the problem exposed by @krish512

Thanks!

Read more comments on GitHub >

github_iconTop Results From Across the Web

Configure an HTTPS listener for your Classic Load Balancer
If you have a load balancer with a listener that accepts HTTP requests on port 80, you can add a listener that accepts...
Read more >
AWS Load Balancer creates port 80 and 443 both ... - GitHub
Need to create AWS load balancer with SSL(443) and TCP(80) but creates SSL(443) and SSL(80) A clear and concise description of what the...
Read more >
How to serve your website on port 80 or 443 using AWS ...
By creating an AWS Load Balancer, you can let the load balancer listen on port 80 or 443 and have it route traffic...
Read more >
Configure Elastic Load Balancing with SSL and AWS ...
Ensure that the protocol is set to “HTTP”, the port to “80” and the target type to “instance”. With this configuration, traffic between...
Read more >
Allow HTTPS traffic via AWS Load balancer and EC2
For port 80 (HTTP) - On AWS console, for protocol choose HTTP and for port choose 80. -. Configure Security Settings. AWS Certificate...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found