Attaching domain(TLS) certificates to Kubernetes cluster

  1. Create a TLS secret in kubernetes cluster
  2. Map the secret in ingress mappings
  3. Map the domain in ingress mappings
Command to create secret: kubectl create secret tls my-tls-secret \
--key < private key filename> \
--cert < certificate filename>
Eg. kubectl create secret tls sm-tls-secret --cert=/home/user/Code/restaurant-k8s-repos/mycert.cert --key=/home/user/Code/restaurant-k8s-repos/mycert.keyCommand to Show the secret created:
kubectl get secret sm-tls-secret
Command to Output the secret in a file: kubectl get secrets sm-tls-secret -o yaml > sm-tls-secret.yaml
apiVersion: networking.k8s.io/v1kind: Ingressmetadata:  name: ingress-mapping  namespace: ingress-nginx  annotations:    kubernetes.io/ingress.class: nginx    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"spec:#mappings for secret  tls:  - secretName: sm-tls-secretrules:- host: mydomain.io  http:    paths:# smartmenu routes begins here   - path: /ui     pathType: Prefix     backend:       service:         name: smartmenu-api-service         port:           number: 6383
mydomain.io is mapped to the host array. spec.rules.host[]

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store