Hello there,
I followed that blog article Google Cloud Armor and Traefik Proxy | Traefik Labs to setup Cloud Armor in front of my GKE/Traefik cluster.
Before doing that, I had Traefik configured with a LoadBalancer service, and CRD IngressRoutes for my application (with cert-manager for SSL), and that all works well.
However, in order to be able to have Cloud Armor on front, we can't use LoadBalancer services, but instead we have to use NodePort with a "catch-all" gce Ingress, as described by the blog article.
After following the blog article, I was able to configure Traefik with NodePort service and a "catch-all" gce Ingress.
That works well, I can also add IngressRoutes with custom domain and successfully call them in HTTP.
However, and that is not part of that blog, how do I have to configure all that to enable HTTPS?
Because, AFAIK, the "catch all" ingress can not be configured for HTTPS, as it would require a valid ssl certificate, but I don't know yet all the domains that my cluster will be reachable to, that's something I would have done later with with IngressRoute & cert-manager.
Does anyone know what to configure in order to accept HTTP & HTTPS?
Thanks in advance for your time & support.