2

I'm trying to deploy vernemq on kubernetes and want to access it with subdomain with ssl but ssl should be terminated before request go to vernemq on port 1883.

William
  • 225
  • 4
  • 21
  • What have you tried so far ? It's possible to have SSL termination e.g. wigh nginx-ingress controller. Did you look at this section in its docs https://kubernetes.github.io/ingress-nginx/examples/tls-termination/ ? – mario Oct 08 '21 at 19:58
  • Actually i know about that it work fine with http but i want that thing with tcp – William Oct 08 '21 at 20:21

1 Answers1

3

create file haproxy-ingress-values.yaml with following content

controller:
  tcp:
    "1883": "default/vernemq:1883:::default/mqtt-tls"

default/vernemq:1883 is service of vernemq with port 1883 and default/mqtt-tls is tls secret for mqtt which you want terminate.

then use the following command to upgrade your haproxy-ingress

helm upgrade haproxy-ingress haproxy-ingress/haproxy-ingress --create-namespace --namespace ingress-controller --version 0.13.4 -f haproxy-ingress-values.yaml

just replace upgrade with install if fresh installing haproxy-ingress.

Then at last deploy the following ingress

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: vernemq-ingress
  annotations:
    kubernetes.io/ingress.class: haproxy
    ingress.kubernetes.io/tcp-service-port: "1883"
spec:
  rules:
    - http:
        paths:
          - path: /
            pathType: ImplementationSpecific
            backend:
              service:
                name: vernemq
                port:
                  number: 1883
Sabeeh
  • 1,478
  • 15
  • 15