If you are using a released version of Kubernetes, you should refer to the docs that go with that version.
The latest release of this document can be found [here](http://releases.k8s.io/release-1.1/examples/https-nginx/README.md).Documentation for other releases can be found at releases.k8s.io.
This example creates a basic nginx https service useful in verifying proof of concept, keys, secrets, and end-to-end https service creation in kubernetes. It uses an nginx server block to serve the index page over both http and https.
First generate a self signed rsa key and certificate that the server can use for TLS. This step invokes the make_secret.go script in the same directory, which uses the kubernetes api to generate a secret json config in /tmp/secret.json.
$ make keys secret KEY=/tmp/nginx.key CERT=/tmp/nginx.crt SECRET=/tmp/secret.json
You need a running kubernetes cluster for this to work.
$ kubectl create -f /tmp/secret.json
secrets/nginxsecret
$ kubectl create -f examples/https-nginx/nginx-app.yaml
services/nginxsvc
replicationcontrollers/my-nginx
$ kubectl get svc nginxsvc -o json
...
{
"name": "http",
"protocol": "TCP",
"port": 80,
"targetPort": 80,
"nodePort": 30849
},
{
"name": "https",
"protocol": "TCP",
"port": 443,
"targetPort": 443,
"nodePort": 30744
}
...
$ kubectl get nodes -o json | grep ExternalIP -A 2
...
"type": "ExternalIP",
"address": "104.197.63.17"
}
--
"type": "ExternalIP",
"address": "104.154.89.170"
}
...
$ curl https://nodeip:30744 -k
...
<title>Welcome to nginx!</title>
...
For more information on how to run this in a kubernetes cluster, please see the user-guide.