trouble applying TLS to the DNS name of my LoadBalancer service for my Kubernetes cluster

0 votes

I have a cluster running on azure using Managed service container. I created a static IP in Azure to use in the yaml for the loadbalancer service. Furthermore, I created a myprefix.cloudapp.azure.com DNS name for the IP. 

IP="XX.XX.XX.XX"
DNSNAME="myprefix"
RESOURCEGROUP=$(az network public-ip list --query "[?ipAddress!=null]|[?contains(ipAddress, '$IP')].[resourceGroup]" --output tsv)
PIPNAME=$(az network public-ip list --query "[?ipAddress!=null]|[?contains(ipAddress, '$IP')].[name]" --output tsv)
az network public-ip update --resource-group $RESOURCEGROUP --name $PIPNAME --dns-name $DNSNAME

I am having trouble applying TLS to the DNS name of my LoadBalancer service for my Kubernetes cluster.

yaml for my deployment:

apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: my-node-express-api-deployment
spec:
  replicas: 2
  strategy:
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 1
  minReadySeconds: 5
  template:
    metadata:
      labels:
        app: my-node-express-api
    spec:
      containers:
      - name: my-node-express-api-container
        image: myrepo/my-node-express-api-image:latest
        ports:
        - containerPort: 3000
      volumes:
      - name: tls
        secret:
          secretName: my-tls-secret

yaml for my LoadBalancing Service

apiVersion: v1
kind: Service
metadata:
  name: my-node-express-api-loadbalancer
spec:
  loadBalancerIP: 52.176.148.91
  type: LoadBalancer
  ports:
  - port: 80
    targetPort: 3000
    port: 443
    targetPort: 3000
  selector:
    app: my-node-express-api

Yaml for secret

apiVersion: v1
kind: Secret
metadata:
  name: my-tls-secret
  namespace: default
data:
  tls.crt: (base64 for myprefix.cloudapp.azure.com.crt)
  tls.key: (base64 for myprefix.cloudapp.azure.com.key)
Oct 5, 2018 in Kubernetes by lina
• 8,220 points
656 views

1 answer to this question.

0 votes
On Azure, if you need TLS termination on kubernetes, you can use Nginx Ingress controller.

To archive this, we can follow those steps:
1 Deploy the Nginx Ingress controller
2 Create TLS certificates
3 Deploy test http service
4 configure TLS termination
answered Oct 5, 2018 by Kalgi
• 52,350 points

Related Questions In Kubernetes

0 votes
1 answer
0 votes
1 answer

Cannot access the MetalLB LoadBalancer IP from outside my kubernetes cluster.

Check the firewall config and What port ...READ MORE

answered Sep 17, 2020 in Kubernetes by Garama

edited Oct 6, 2021 by Sarfaraz 2,211 views
0 votes
1 answer

Create LoadBalancer for kubernetes cluster in aws

Hello @Lina, If you're running your cluster on ...READ MORE

answered Oct 8, 2018 in Kubernetes by Kalgi
• 52,350 points
767 views
0 votes
1 answer

How do I create a service account for my dashboard and get all the credentails

Run the following commands: This command will create ...READ MORE

answered Oct 8, 2018 in Kubernetes by Kalgi
• 52,350 points
1,717 views
+1 vote
1 answer
0 votes
3 answers

Error while joining cluster with node

Hi Kalgi after following above steps it ...READ MORE

answered Jan 17, 2019 in Others by anonymous
15,572 views
0 votes
1 answer

Kubernetes nginx-ingress TLS issue

You have to create a secret named test-secret. ➜ ...READ MORE

answered Sep 11, 2018 in Kubernetes by Kalgi
• 52,350 points
1,995 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP