I have a frontend web server I’m hosting using DigitalOcean Kubernetes, and created a load balancer to serve traffic through. I created the load balancer using kubectl expose
and then set it to redirect https traffic to http through the DigitalOcean website. I’ve noticed that every time I upgrade the Kubernetes cluster version it resets the load balancer’s settings, preventing any secure https traffic coming through. Is this intended behavior? How can I permanently setup https redirect? I’m assuming one of two things is happening:
I’m not supposed to be able to edit load balancers that were created through Kubernetes, but this behavior was accidentally allowed through the UI
The Kubernetes upgrade process inadvertently wipes all load balancer settings for balancers associated with the cluster that’s being upgraded
Any help is much appreciated, thanks!
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Sign up for Infrastructure as a Newsletter.
Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
Not sure if anyone else has experienced this same problem, but I was able to fix it! Option #1 seems closest to reality. From my understanding, Kubernetes-owned load balancers should be configured completely using Kubernetes annotations, not through the UI. These resources helped me determine what was going on:
How to configure a DigitalOcean Load Balancer with DNS routing from Kubernetes
List of DigitalOcean Load Balancer Annotations
Push-to-Deploy on DigitalOcean Kubernetes Using GitHub Actions
Helpful repo from the link above that has a good starter deployment.yml file
And in case anyone else is also trying to setup a load balancer with SSL redirect and a DigitalOcean-managed SSL certificate, here’s my final service definition:
If anyone from the DigitalOcean team is reading this… I think it would make a lot of sense to disallow modification of load balancer settings through the UI for Kubernetes-managed load balancers, and instead state that all settings must be changed through the use of annotations, and provide links to some of the resources listed above. That would have saved me hours of work and frustration.