hello-app-tls

command

v0.0.0-...-41c2201 Latest Latest Go to latest Published: Mar 5, 2021 License: Apache-2.0 Imports: 4 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/elenarazguliaeva/kuber3

Links

Open Source Insights

README ¶

Example TLS web application

This is a sample web application written in Go that serves a simple response to HTTPS queries on port 8443:

TLS cert and key files are configured through environment variables TLS_CERT and TLS_KEY.
The application image is available at gcr.io/google-samples/hello-app-tls:1.0.

This example uses Ingress (Cloud HTTPS Load Balancer) to terminate HTTPS connections (with a provided certificate).

Note: This configuration also enables TLS backside encryption for the traffic between the load balancer and the application. In this example, the TLS certs are used both at the Ingress (to terminate traffic), and at the application (to do secure transport between the LB and the app). You can use any self signed certificate in your app (as the LB will not verify validity of the TLS cert presented by the app), however the certs you use on the Ingress should be valid TLS certificates for a non-test setup of your application.

HTTP/2 Support

This application can also be used to test HTTP/2 functionality as this Go application transparently supports HTTP/2 serving when available. Modify the service.alpha.kubernetes.io/app-protocols annotation from HTTPS to HTTP2 to test this.

Step 1: Create self-signed certificates

This is for testing only. In real world applications, you will need a valid TLS certificate issued by certificate authorities.

openssl req -new -newkey rsa:2048  \
    -nodes -x509 -subj '/CN=self-signed.ignore' -days 1800 \
    -keyout tls.key \
    -out tls.crt

Step 2: Import the TLS certificate and key as Secret

kubectl create secret tls yourdomain-tls \
    --cert="tls.crt" --key="tls.key"

Step 3: Deploy the application

kubectl apply -f manifests/helloweb-deployment.yaml
kubectl apply -f manifests/helloweb-ingress-tls.yaml

Step 4: Query the application

Once you find the load balancer IP address via kubectl get ingress, make an insecure HTTPS request (if you used self-signed TLS certificate) and verify it succeeds

curl -v --insecure https://35.x.x.x/
> GET / HTTP/2
> Host: 35.x.x.x
> User-Agent: curl/7.54.0
> Accept: */*
>
< HTTP/2 200
< date: Thu, 31 May 2018 18:18:38 GMT
< content-length: 65
< content-type: text/plain; charset=utf-8
< via: 1.1 google
<
Hello, world!
Protocol: HTTP/2.0
Hostname: helloweb-5c7f86f88b-ttqt9

Note: it may take 5-10 minutes for load balancer to start working.

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL