Home > Net >  How To Enable SSL on Google Kubernetes Engine while using ingress-nginx?
How To Enable SSL on Google Kubernetes Engine while using ingress-nginx?

Time:04-14

I am using GKE with ingress-nginx (https://kubernetes.github.io/ingress-nginx/). I tried many tutorials using cert-manager but was unable to learn it. Could you give me a yaml file as an example if you are able to get SSL working with ingress-nginx in google kubernetes engine?

You can use this as a starting point and expand on it

apiVersion: apps/v1
kind: Deployment
metadata:
  name: arecord-depl
spec:
  replicas: 1
  selector:
    matchLabels:
      app: arecord
  template:
    metadata:
      labels:
        app: arecord
    spec:
      containers:
        - name: arecord
          image: gcr.io/clear-shell-346807/arecord
          ports:
            - containerPort: 8080
          env:
            - name: PORT
              value: "8080"
---
apiVersion: v1
kind: Service
metadata:
  name: arecord-srv
spec:
  selector:
    app: arecord
  ports:
    - name: arecord
      protocol: TCP
      port: 8080
      targetPort: 8080
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: echo-ingress
  annotations:
    kubernetes.io/ingress.class: "gce"
    kubernetes.io/ingress.global-static-ip-name: ssl-ip
spec:
  tls:
    - hosts:
        - vareniyam.me
      secretName: echo-tls
  rules:
    - host: vareniyam.me
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: arecord-srv
                port:
                  number:
                    8080

CodePudding user response:

  1. You have said you're using nginx ingress, but your ingress class is saying gce:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: echo-ingress
  annotations:
    kubernetes.io/ingress.class: "gce"
  1. You have not indicated which ClusterIssuer or Issuer you want to use. cert-manager issues certificates only after you tell it you want it to create a certificate

I am unsure what tutorials you have tried, but have you tried looking at the cert-manager docs here: https://cert-manager.io/docs/

  • Related