I have a functional Ingress running with TLS setup and working correctly. I can access http://whoami.domain.com and https://whoami.domain.com, and correct certificate is used on the https domain.
I'm running on Google, and I know that Googles Ingress controller does not allow setting force ssl to assure that the traffic goes over https. I know I can disable http with kubernetes.io/ingress.allow-http: "false" but we do not want the friction for the user to know that they need to use https://
My thought of how to solve this would be to have a "redirect" backend that I define as default backend for all port=80 requests, that just 301 to https... However, I cannot find a way to define ingress rules that respects the incoming port.
This is my current thought of how to do it, but of course it does not function :)
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: app-ingress
spec:
tls:
- hosts:
- whoami.domain.com
secretName: tls-whoami
rules:
- host: whoami.domain.com
port: 443 # my wish :)
http:
paths:
- backend:
serviceName: whoami-service
servicePort: 80
- host: whoami.domain.com
port: 80 # my wish :)
http:
paths:
- backend:
serviceName: http-redirect-service
servicePort: 80
I have been trying to find WHAT rule keys one can supply, but cannot find any list, just examples where they are all about host and path.
