trouble applying TLS to the DNS name of my LoadBalancer service for my Kubernetes cluster

0 votes

I have a cluster running on azure using Managed service container. I created a static IP in Azure to use in the yaml for the loadbalancer service. Furthermore, I created a myprefix.cloudapp.azure.com DNS name for the IP. 

IP="XX.XX.XX.XX"
DNSNAME="myprefix"
RESOURCEGROUP=$(az network public-ip list --query "[?ipAddress!=null]|[?contains(ipAddress, '$IP')].[resourceGroup]" --output tsv)
PIPNAME=$(az network public-ip list --query "[?ipAddress!=null]|[?contains(ipAddress, '$IP')].[name]" --output tsv)
az network public-ip update --resource-group $RESOURCEGROUP --name $PIPNAME --dns-name $DNSNAME

I am having trouble applying TLS to the DNS name of my LoadBalancer service for my Kubernetes cluster.

yaml for my deployment:

apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: my-node-express-api-deployment
spec:
  replicas: 2
  strategy:
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 1
  minReadySeconds: 5
  template:
    metadata:
      labels:
        app: my-node-express-api
    spec:
      containers:
      - name: my-node-express-api-container
        image: myrepo/my-node-express-api-image:latest
        ports:
        - containerPort: 3000
      volumes:
      - name: tls
        secret:
          secretName: my-tls-secret

yaml for my LoadBalancing Service

apiVersion: v1
kind: Service
metadata:
  name: my-node-express-api-loadbalancer
spec:
  loadBalancerIP: 52.176.148.91
  type: LoadBalancer
  ports:
  - port: 80
    targetPort: 3000
    port: 443
    targetPort: 3000
  selector:
    app: my-node-express-api

Yaml for secret

apiVersion: v1
kind: Secret
metadata:
  name: my-tls-secret
  namespace: default
data:
  tls.crt: (base64 for myprefix.cloudapp.azure.com.crt)
  tls.key: (base64 for myprefix.cloudapp.azure.com.key)
Oct 5, 2018 in Kubernetes by lina
• 8,100 points
26 views

1 answer to this question.

0 votes
On Azure, if you need TLS termination on kubernetes, you can use Nginx Ingress controller.

To archive this, we can follow those steps:
1 Deploy the Nginx Ingress controller
2 Create TLS certificates
3 Deploy test http service
4 configure TLS termination
answered Oct 5, 2018 by Kalgi
• 37,320 points

Related Questions In Kubernetes

0 votes
1 answer

Create LoadBalancer for kubernetes cluster in aws

Hello @Lina, If you're running your cluster on ...READ MORE

answered Oct 8, 2018 in Kubernetes by Kalgi
• 37,320 points
43 views
0 votes
1 answer

How do I create a service account for my dashboard and get all the credentails

Run the following commands: This command will create ...READ MORE

answered Oct 8, 2018 in Kubernetes by Kalgi
• 37,320 points
168 views
0 votes
1 answer

Upgrading the kubernetes cluster to the latest version

In the earlier version of kubernetes this ...READ MORE

answered Nov 15, 2018 in Kubernetes by ajs3033
• 7,240 points
35 views
0 votes
1 answer
0 votes
3 answers

Error while joining cluster with node

Hi Kalgi after following above steps it ...READ MORE

answered Jan 17 in Others by anonymous
1,119 views
+3 votes
1 answer