I recently tried to put SSL on a service by deploying an Ingress and a Ingress controller, but ultimately I do not think that is what I want.
I think I just want to have a Google Cloud HTTPS Load Balancer and just declare a service like this: --- apiVersion: v1 kind: Service metadata: name: api labels: app: api spec: type: LoadBalancer loadBalancerIP: <Static IP in Google Cloud> ports: - port: 443 targetPort: 8090 protocol: TCP name: https selector: app: api Here are the steps I went through to try to achieve this: 1. Upload my SSL cert gcloud compute ssl-certificates create star --certificate my.crt --private-key my.key 2. Create a static IP address 3. Create a Load Balancer I created an HTTPS load balancer with a backend pointing to my cluster on port 8090. I created a frontend using my static IP address, port 443, using my cert. 4. Assign my Service's loadBalancerIP to that of my static IP. When I run `kubectl get services` I'm shown: NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE api 10.21.25.24 <pending> 443:32606/TCP 43m When I load https://mysite.com (pointing to my static IP), I get this in the browser: Error: Server Error The server encountered a temporary error and could not complete your request. Please try again in 30 seconds. when I run `gcloud compute forwarding-rules list` I get this: NAME REGION IP_ADDRESS IP_PROTOCOL TARGET api-fe <static IP> TCP api-lb-target-proxy Any ideas as to what I am doing wrong? I cannot tell if my error is my Kubernetes architecture or in the way I provisioned by Google Cloud LoadBalancer. -- You received this message because you are subscribed to the Google Groups "Kubernetes user discussion and Q&A" group. To unsubscribe from this group and stop receiving emails from it, send an email to kubernetes-users+unsubscr...@googlegroups.com. To post to this group, send email to kubernetes-users@googlegroups.com. Visit this group at https://groups.google.com/group/kubernetes-users. For more options, visit https://groups.google.com/d/optout.