Expose an Application Securely Using TLS
In this guide, we’ll walk through the standard process of deploying a simple HTTP server secured with TLS and exposed via Ingress.
To securely deploy your applications on Ubicloud Kubernetes clusters using TLS, simply set up an Ingress controller along with Cert-Manager. This setup handles all your TLS needs.
Follow this step-by-step guide to deploy and expose an HTTPS application on your Kubernetes cluster. Before you begin, ensure that Helm is installed on your system.
Prerequisites
To complete this tutorial, Helm must be installed. You can follow the official installation guide available on the Helm website
You’ll also need an active domain and access to the control panel for managing DNS records in order to complete this guide.
Installing the required addons
You’ll need an email to register yourself with letsencrypt.
Next, we’ll add the ingress-nginx and jetstack Helm repositories to install the Ingress NGINX Controller and Cert Manager.
We’ll also create a ClusterIssuer in order to get certificates from letsencrypt for our service
Once all the commands have been executed, you’ll notice a Service named ingress-nginx-controller
created in the ingress-nginx
namespace. This Service is of type LoadBalancer, and the EXTERNAL-IP
column will display a domain that resolves to the IPs of your worker nodes.
You can see this service using the command below
Here’s a sample output of the command:
Add DNS record to route the traffic to the cluster
Next, create a CNAME record with your DNS provider pointing *.ingress.yourdomain.com to the domain listed in the EXTERNAL-IP. Feel free to use any subdomain that best suits your setup.
Deploy your application
Now you can visit https://hello-world.ingress.yourdomain.com!