Skip to content

Commit 7fe7979

Browse files
committed
Add L4 and L7 YAML examples to AWS docs
1 parent ea89e7e commit 7fe7979

File tree

1 file changed

+21
-1
lines changed

1 file changed

+21
-1
lines changed

docs/reference/ambassador-with-aws.md

Lines changed: 21 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -53,7 +53,7 @@ AWS provides three types of load balancers:
5353
* Supports L4 only
5454
* Cannot perform SSL/TLS offload
5555

56-
In Kubernetes, when using the AWS integration and a service of type `LoadBalancer`, the only types of load balancers that can be created are ELBs and NLBs (in Kubernetes 1.9 nand later).
56+
In Kubernetes, when using the AWS integration and a service of type `LoadBalancer`, the only types of load balancers that can be created are ELBs and NLBs (in Kubernetes 1.9 and later).
5757

5858
If you are running an ELB in L4 mode, you need to:
5959

@@ -62,4 +62,24 @@ If you are running an ELB in L4 mode, you need to:
6262
* `:80` -> `:8080` (the Envoy port doesn't matter)
6363
* Configure `redirect_cleartext_from` to redirect traffic on `8080` to the secure port
6464

65+
For this setup of an L4 load balancer, ambassador's configuration will look like -
6566

67+
```yaml
68+
apiVersion: ambassador/v0
69+
kind: Module
70+
name: tls
71+
config:
72+
server:
73+
enabled: True
74+
redirect_cleartext_from: 8080
75+
```
76+
77+
If you are running the load balancer in L7 mode, then you will want to redirect all the incoming HTTP requests with `X-FORWARDED-PROTO: http` header to HTTPS. In such a scenario, ambassador's configuration will look like -
78+
79+
```yaml
80+
apiVersion: ambassador/v0
81+
kind: Module
82+
name: ambassador
83+
config:
84+
x_forwarded_proto_redirect: true
85+
```

0 commit comments

Comments
 (0)