FIX: Ingress HTTPS Doku (#69)

* FIX: Ingress controller with HTTPS.
ergon · Feb 11, 2021 · f01c3be · f01c3be
1 parent 5218092
commit f01c3be
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 4 deletions.
diff --git a/charts/microgateway/Chart.yaml b/charts/microgateway/Chart.yaml
@@ -14,5 +14,5 @@ maintainers:
   - email: [email protected]
     name: Airlock
 name: microgateway
-version: 0.6.3
+version: 0.6.4
 appVersion: "1.0"
diff --git a/charts/microgateway/README.md b/charts/microgateway/README.md
@@ -6,7 +6,7 @@ It is the lightweight, container-based deployment form of the *Airlock Gateway*,
 
 The Airlock helm charts are used internally for testing the *Airlock Microgateway*. We make them available publicly under the [MIT license](https://github.com/ergon/airlock-helm-charts/blob/master/LICENSE).
 
-The current chart version is: 0.6.3
+The current chart version is: 0.6.4
 
 ## About Ergon
 *Airlock* is a registered trademark of [Ergon](https://www.ergon.ch). Ergon is a Swiss leader in leveraging digitalisation to create unique and effective client benefits, from conception to market, the result of which is the international distribution of globally revered products.
@@ -612,7 +612,8 @@ The Microgateway Helm chart itself does not install the nginx-ingress-controller
 #### Ingress terminating secure HTTPS
 The TLS certificate of the Ingress must be in a secret object which is referred to in the Ingress configuration.
 At the time of writing, Ingress supports only the default port 443 for HTTPS and directly assumes it is TLS.
-In case that multiple hosts are configured, TLS-SNI is used to distinguish what host the client requested.
+In case that multiple hosts are configured, TLS-SNI is used to distinguish what host the client requested.  
+For each configured `ingress.tls.host`, an `ingress.hosts` entry must also be created to ensure that the ingress rules are created correctly. 
 
   To receive HTTPS traffic from the outside of the Kubernetes cluster, use the following configuration:
   ```
@@ -627,8 +628,11 @@ In case that multiple hosts are configured, TLS-SNI is used to distinguish what
       - secretName: virtinc-tls-secret
         hosts:
           - virtinc.com
+    hosts: 
+      - virtinc.com
   ```
 
+
 ### Openshift Route
 Since the Route controller is already available in an Openshift environment, nothing has to be installed additionally.
 

diff --git a/charts/microgateway/README.md.gotmpl b/charts/microgateway/README.md.gotmpl
@@ -511,7 +511,8 @@ The Microgateway Helm chart itself does not install the nginx-ingress-controller
 #### Ingress terminating secure HTTPS
 The TLS certificate of the Ingress must be in a secret object which is referred to in the Ingress configuration.
 At the time of writing, Ingress supports only the default port 443 for HTTPS and directly assumes it is TLS.
-In case that multiple hosts are configured, TLS-SNI is used to distinguish what host the client requested.
+In case that multiple hosts are configured, TLS-SNI is used to distinguish what host the client requested.  
+For each configured `ingress.tls.host`, an `ingress.hosts` entry must also be created to ensure that the ingress rules are created correctly. 
 
   To receive HTTPS traffic from the outside of the Kubernetes cluster, use the following configuration:
   ```
@@ -526,8 +527,11 @@ In case that multiple hosts are configured, TLS-SNI is used to distinguish what
       - secretName: virtinc-tls-secret
         hosts:
           - virtinc.com
+    hosts: 
+      - virtinc.com
   ```
 
+
 ### Openshift Route
 Since the Route controller is already available in an Openshift environment, nothing has to be installed additionally.