From e4a7375d342039650c5a69fc2e5ab2119de3c4f4 Mon Sep 17 00:00:00 2001 From: Daniel Tomcej Date: Thu, 23 Aug 2018 00:52:02 -0600 Subject: [PATCH] Update kubernetes docs to reflect https options --- docs/configuration/backends/kubernetes.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/docs/configuration/backends/kubernetes.md b/docs/configuration/backends/kubernetes.md index fac33b231..8f1781314 100644 --- a/docs/configuration/backends/kubernetes.md +++ b/docs/configuration/backends/kubernetes.md @@ -127,7 +127,13 @@ This will give more flexibility in cloud/dynamic environments. Traefik automatically requests endpoint information based on the service provided in the ingress spec. Although traefik will connect directly to the endpoints (pods), it still checks the service port to see if TLS communication is required. -If the service port defined in the ingress spec is 443, then the backend communication protocol is assumed to be TLS, and will connect via TLS automatically. + +There are 2 ways to configure Traefik to use https to communicate with backend pods: + +1. If the service port defined in the ingress spec is 443 (note that you can still use `targetPort` to use a different port on your pod). +2. If the service port defined in the ingress spec has a name that starts with `https` (such as `https-api`, `https-web` or just `https`). + +If either of those configuration options exist, then the backend communication protocol is assumed to be TLS, and will connect via TLS automatically. !!! note Please note that by enabling TLS communication between traefik and your pods, you will have to have trusted certificates that have the proper trust chain and IP subject name.