Skip to content
/ tls-sidecar Public

TLS/SSL sidecar for terminating HTTPS w/i k8s clusters

6 stars 4 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

pbrumblay/tls-sidecar

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
kubernetes
kubernetes
 
 
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 
build.sh
build.sh
 
 
default.conf
default.conf
 
 

Repository files navigation

tls-sidecar

TLS/SSL sidecar for terminating HTTPS w/i k8s clusters

You can use this repository to demo a sidecar which can terminate TLS connections. This demo makes use of the kubernetes service type of type LoadBalancer, so it assumes that your cluster supports the automatic creation of load balancers.

To use:

# create a self-signed certificate
openssl req -x509 -newkey rsa:2048 -keyout tls.key -out tls.crt -nodes -subj '/CN=echo-server'

# create a TLS secret
kubectl create secret tls echo-tls --cert=tls.crt --key=tls.key

# clone this repository and load up the pbrumblay/tls-sidecar and pbrumblay/echo-server pods.
git clone https://github.com/pbrumblay/tls-sidecar
kubectl apply -f tls-sidecar/kubernetes/deployment.yaml

# Test it out. 
kubectl get svc echo-server
NAME          CLUSTER-IP     EXTERNAL-IP      PORT(S)         AGE
echo-server   10.3.250.228   <REDACTED>   443:31619/TCP   10m

# Now with the new IP you can verify the echo-server works.
curl -k https://<REDACTED>/lorem

Note that we're using curl's "-k" switch to disable certificate validation. You'll want to use a real certificate for real-world use cases.

About

TLS/SSL sidecar for terminating HTTPS w/i k8s clusters

Resources

Readme
Activity

Stars

6 stars

Watchers

2 watching

Forks

4 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages