Add new SSL port to existing Load Balancer

Hello,

I have a load balancer setup that has ~180 connected containers. Right now it only has port 80 on it, but a request has come in to open up the port 443 as well.

I have the SSL cert loaded into Rancher, but I’m wondering if I can just run a command via the API to update the load balancer config to add in the required details for making port 443 open as well.

Thanks!

I just came up with a work-around for the issue with the LB not having an upgrade option in the UI. That is to use the clone feature. It doesn’t give you 100% up-time though, so may not be what you need, but I’ll walk you through it anyway :wink:

Say you have LB A, listening on port 80. The goal is to have LB A, listening on port 80, and 443 with SSL enabled, and not losing any of its routing configuration.

1. Clone LB A to LB Atmp, changing port 80 to something else (hence, freeing up the port 80).
2. Delete LB A. (to free up that service name)
3. Clone LB Atmp to A, changing back to port 80, AND now you can also add 443 SSL port.
4. Delete LB Atmp.

Easier approach may be to use rancher-compose. Copy down the compose config from the UI, modify it, then run rancher-compose up --upgrade A on it, using that modified compose file.

Cheers

@kaos,

I found a way to do it, I just downloaded the config files from rancher and then added the following to the docker/rancher-compose files.

docker-compose.yml

  • Under ports I added:
    - 443:80
  • Under labels I added:
    io.rancher.loadbalancer.ssl.ports: '443'

rancher-compose.yml
Under the load_balancer_config I added:
default_cert: 'name of my cert in rancher'

Then I just ran this to upgrade the LB config:
rancher-compose up --force-upgrade -d lb-web

Followed by this to confirm the upgrade:
rancher-compose up -c -d

Once I did this, the port was available on the load balancer for me to start adding sites to.

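Added example, not part of the original posts and not Rancher's own code: a check to run on the two edited compose entries before `rancher-compose up`, confirming that the SSL label, the published ports and the certificate setting agree. The function names, the `80:80` mapping, the placeholder cert name and the comma-separated reading of the label value are assumptions. Note that a `443:80` mapping terminates TLS at the load balancer and forwards to port 80 on the targets.

```python
# Added example: consistency check for the compose edits described in the post above.
# Inputs are already-parsed service entries (for example the output of a YAML loader).

SSL_LABEL = "io.rancher.loadbalancer.ssl.ports"

def published_ports(ports):
    """Map public port -> target port for entries like '443:80', '80', '443:80/tcp'."""
    out = {}
    for entry in ports or []:
        parts = str(entry).split("/")[0].split(":")   # drop optional '/tcp'
        public = parts[-2] if len(parts) > 1 else parts[0]
        out[int(public)] = int(parts[-1])
    return out

def check_lb(docker_svc, rancher_svc):
    """Return a list of problems; an empty list means the SSL settings agree."""
    problems = []
    ports = published_ports(docker_svc.get("ports"))
    label = str((docker_svc.get("labels") or {}).get(SSL_LABEL, ""))
    # Assumption: several SSL ports would be given as a comma-separated string.
    ssl_ports = {int(p) for p in label.split(",") if p.strip()}
    for p in sorted(ssl_ports - set(ports)):
        problems.append(f"port {p} is marked SSL but not published under ports")
    if 443 in ports and 443 not in ssl_ports:
        problems.append("port 443 is published but not listed in the SSL label")
    # Assumption: accept default_cert at service level or under load_balancer_config.
    lb_cfg = rancher_svc.get("load_balancer_config") or {}
    if ssl_ports and not (rancher_svc.get("default_cert") or lb_cfg.get("default_cert")):
        problems.append("SSL ports are set but no default_cert is configured")
    return problems

# Constructed sample mirroring the post; "example-cert" is a placeholder name.
docker_svc = {"ports": ["80:80", "443:80"], "labels": {SSL_LABEL: "443"}}
rancher_svc = {"load_balancer_config": {}, "default_cert": "example-cert"}

if __name__ == "__main__":
    for line in check_lb(docker_svc, rancher_svc) or ["lb-web: SSL settings are consistent"]:
        print(line)
```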

Problem solved :slight_smile:

(I assume you meant that the port was available on the load balancer…)

You are correct. Still too early and I haven’t finished my :coffee: yet.