Updated securityModel for Ambassador Listener

digitalocean / Kubernetes-Starter-Kit-Developers

Hands-on tutorial and Automation stack for an operations-ready DigitalOcean Kubernetes (DOKS) cluster.

745 stars 258 forks source link

Updated securityModel for Ambassador Listener #134

Closed vladciobancai closed 2 years ago

vladciobancai commented 2 years ago

If the securityModel is configured as XFP and the Hosts uses action as Redirect the Ambassador will automatically redirect the traffic from http to https (apply HTTP/1.1 301 Moved Permanently). Previously was SECURE where Ambassador just configure the traffic to be secure and do not apply the redirect defined in the Hosts.

Fixing issue #133 for the redirect from http to https to work.

v-ctiutiu commented 2 years ago

@vladciobancai Before merging this PR, can you please add the explanation in the ambassador guide as well? Meaning why we must choose XFP over SECURE for the securityModel field from the Listener CRD . Thanks.

vladciobancai commented 2 years ago

@v-ctiutiu Applied the suggestions, please review them