Having installed Nginx, now it’s the time to setup the TLS for our kubernetes cluster.
First we download the certificate from our certificate authority.
Next we apply the next secret in our kubernetes cluster, updating the values with the base 64 encoded certificate and key.
apiVersion: v1
kind: Secret
metadata:
name: podrunner-tls
namespace: kube-system
type: kubernetes.io/tls
data:
tls.crt: <REPLACE WITH BASE64 OF THE CERTIFICATE>
tls.key: <REPLACE WITH BASE64 OF THE KEY>
If you need help getting the base64 of the key and certificate, run the next commands:
base64 -w 0 tls.key
base64 -w 0 tls.crt
Now we can create an ingress rule with a certificate and a host name:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: example
namespace: foo
spec:
ingressClassName: nginx
tls:
- hosts:
- www.example.com
secretName: example-tls
rules:
- host: www.example.com
http:
paths:
- pathType: Prefix
backend:
service:
name: exampleService
port:
number: 80
path: /
Documentation and links:
- Basic Nginx configuration - https://docs.nginx.com/nginx-ingress-controller/configuration/ingress-resources/basic-configuration/