腾讯云TKE ingress http和https混合使用

我的环境需要服务http和https都支持访问，根据腾讯云的官方文档添加注解后无效：

https://cloud.tencent.com/document/product/457/45693

注解示例：

kind: Ingress
metadata:
  annotations:
    kubernetes.io/ingress.http-rules: '[{"host":"www.tencent.com","path":"/","backend":{"serviceName":"sample-service","servicePort":"80"}}]'
    kubernetes.io/ingress.https-rules: '[{"host":"www.tencent.com","path":"/","backend":{"serviceName":"sample-service","servicePort":"80"}}]'
    kubernetes.io/ingress.rule-mix: "true"
  name: sample-ingress
  namespace: default
spec:
  rules:
  - host: www.tencent.com
    http:
      paths:
      - backend:
          serviceName: sample-service
          servicePort: 80
        path: /
  tls:
  - secretName: tencent-com-cert

配置后经过测试无效，还是http自动跳转到https，通过查看nginx-ingress官方注解，需要添加 ssl-redirect: "false" in the NGINX ConfigMap. (全局生效)或者添加ingress注解：nginx.ingress.kubernetes.io/ssl-redirect: "false"

设置后仍然无效，还是继续跳转https，通过查看返回码发现，我这边通过http访问的适合，重定向码为307，官方注解说的是308，可能是这个原因，于是重写 http-redirect-code

编辑configmap,添加如下参数：

 

再次测试，终于正常了

 

 总结：腾讯的tke集群的ingress如果要实现http和https混合使用，需要配置以下三个地方：
1.根据官方文档配置如下注解：

    kubernetes.io/ingress.http-rules: '[{"host":"www.tencent.com","path":"/","backend":{"serviceName":"sample-service","servicePort":"80"}}]'
    kubernetes.io/ingress.https-rules: '[{"host":"www.tencent.com","path":"/","backend":{"serviceName":"sample-service","servicePort":"80"}}]'
    kubernetes.io/ingress.rule-mix: "true"

2.configmap或者目标ingress关闭ssl_redirect

3.如果还是不行，需要修改configmap的http-redirect-code