Hello,
I have the following issue, I have been asked to create a web-hook that is business to business and is called when a event happens. The authentication needs to be mTLS and is called from a external client running on prem.
We are using GKE Autopiliot with a ingress controller as shown below, I am so confused why this is not working and would love some help.
apiVersion: "networking.k8s.io/v1"
kind: "Ingress"
metadata:
name: "service_ingress_controller"
annotations:
networking.gke.io/managed-certificates: managed-cert
kubernetes.io/ingress.allow-http: "false"
ingress.kubernetes.io/ssl-redirect: "true"
ingress.kubernetes.io/secure-backends: "true"
ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/auth-tls-verify-client: "false"
nginx.ingress.kubernetes.io/auth-tls-secret: "mtlsserver"
nginx.ingress.kubernetes.io/auth-tls-pass-certificate-to-upstream: "true"
nginx.ingress.kubernetes.io/auth-tls-verify-depth: "1"
spec:
tls:
- secretName: mtlsserver
rules:
- host: "domain.com/incoming/external"
http:
paths:
- pathType: "ImplementationSpecific"
path: /*
backend:
service:
name: "service-transaction"
port:
number: 443
---
apiVersion: v1
kind: Service
metadata:
name: service-transaction
labels:
run: service-transaction
annotations:
cloud.google.com/app-protocols: '{"my-https-port":"HTTPS"}'
spec:
type: NodePort
selector:
app: service-transaction
ports:
- name: my-https-port
port: 443
targetPort: 50000
protocol: TCP
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: service-transaction
name: service-transaction
spec:
selector:
matchLabels:
app: service-transaction
strategy: {}
template:
metadata:
labels:
app: service-transaction
spec:
terminationGracePeriodSeconds: 30
containers:
- image: image
name: service-transaction
imagePullPolicy: Always
resources:
requests:
memory: "512Mi"
cpu: "250m"
limits:
memory: "512Mi"
cpu: "250m"
ports:
- containerPort: 50000
name: transaction Any help is appreciated, thanks,
JRW
LinkedIn
Twitter
