Rancher 2.x - HTTP 到 HTTPS 重定向

Rancher 2.x - HTTP to HTTPS redirect

我使用 docs 安装了 Rancher 2.4.4,一切正常。我可以使用我的自定义域 rancher.mydomain.com 使用 https 访问服务器。

我使用 test.mydomain.com 创建了一个入口来访问服务。我正在使用自签名证书来测试 https://test.mydomain.com 访问并且它正在运行。但是我可以使用 http 访问相同的服务。如何进行重定向或避免使用 http 访问我的集群?这是更改了敏感信息的入口:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  annotations:
    field.cattle.io/creatorId: user-tk7hh
    field.cattle.io/ingressState: '{"dW5pbWVk":"p-pfqlz:test","abc":"deployment:test:httpbin","abc==":"deployment:test:httpbin"}'
    field.cattle.io/publicEndpoints: '[{"addresses":["1.2.3.4"],"port":443,"protocol":"HTTPS","serviceName":"unimed:ingress-5d3e64b41895cfc7d3d354d63a7d83d0","ingressName":"test:test","hostname":"test.mydomain.com","path":"/status","allNodes":false},{"addresses":["1.2.3.4"],"port":443,"protocol":"HTTPS","serviceName":"test:ingress-9922b5a9032d962093476e63c4335d80","ingressName":"test:test","hostname":"test.mydomain.com","path":"/delay","allNodes":false}]'
  creationTimestamp: "2020-06-05T23:28:23Z"
  generation: 11
  labels:
    cattle.io/creator: norman
  managedFields:
  - apiVersion: extensions/v1beta1
    fieldsType: FieldsV1
    fieldsV1:
      f:status:
        f:loadBalancer:
          f:ingress: {}
    manager: traefik
    operation: Update
    time: "2020-06-05T23:28:23Z"
  - apiVersion: extensions/v1beta1
    fieldsType: FieldsV1
    fieldsV1:
      f:metadata:
        f:annotations:
          .: {}
          f:field.cattle.io/creatorId: {}
          f:field.cattle.io/ingressState: {}
          f:field.cattle.io/publicEndpoints: {}
        f:labels:
          .: {}
          f:cattle.io/creator: {}
      f:spec:
        f:rules: {}
        f:tls: {}
    manager: Go-http-client
    operation: Update
    time: "2020-06-08T19:22:11Z"
  name: unimed
  namespace: unimed
  resourceVersion: "998963"
  selfLink: /apis/extensions/v1beta1/namespaces/test/ingresses/test
  uid: b138da9d-9ca8-4a23-a9b9-3ae1e400177d
spec:
  rules:
  - host: test.mydomain.com
    http:
      paths:
      - backend:
          serviceName: ingress-5d3e64b41895cfc7d3d354d63a7d83d0
          servicePort: 80
        path: /status
        pathType: ImplementationSpecific
      - backend:
          serviceName: ingress-9922b5a9032d962093476e63c4335d80
          servicePort: 80
        path: /delay
        pathType: ImplementationSpecific
  tls:
  - hosts:
    - test.mydomain.com
    secretName: test
status:
  loadBalancer:
    ingress:
    - ip: 1.2.3.4

已解决。 Rancher 2.4.4 使用 Traefik 作为负载均衡器。我们需要放置此注释以进行重定向

traefik.ingress.kubernetes.io/redirect-entry-point: https

可以使用界面在 Ingress 中执行此操作。