how to provide ingresses in spec with proper tls certificate garden.io #🤖

Join Discord

how to provide ingresses in spec with proper tls c...

# 🤖｜ask-kapa

colossal-salesclerk-87522

05/13/2024, 8:25 PM

@microscopic-river-74022 how to provide ingresses in spec with proper tls certificate

microscopic-river-74022

05/13/2024, 8:25 PM

Please stand by @colossal-salesclerk-87522 as I search the knowledge base. I normally take about 20 seconds or so. :wave:

microscopic-river-74022

05/13/2024, 8:26 PM

---------------------- To provide ingresses in the spec with a proper TLS certificate, you need to follow these steps: 1. **Create a TLS Certificate**: You can use a tool like mkcert () to generate a local certificate for development. After installing mkcert, you can generate a certificate with a command like

mkcert garden.dev '*.garden.dev'

. Remember to replace 'garden.dev' with your preferred hostname. 2. **Create a Kubernetes Secret with your Certificate**: Once you have your certificate and key, you need to create a Kubernetes Secret that can be referenced when deploying services. You can do this with a command like

kubectl create secret tls mydomain-tls-secret --key <path-to-key-file> --cert <path-to-crt-file>

. Replace '' and '' with the paths to your key and certificate files respectively. 3. **Configure the Certificate in Garden**: In your Garden configuration, you can specify one or more certificates to use for ingress under the

providers[].tlsCertificates[]

field. The type for this field is

array[object]

, and it is not required by default. 4. **Specify Ingresses in the Spec**: In the spec for your container deployment, you can list the ingress endpoints that your service exposes under the

spec.ingresses[]

field. This field is also of type

array[object]

and is not required by default. You can also attach annotations to the ingress under the

spec.ingresses[].annotations

field. Here is an example of how you might specify ingresses in the spec:

Copy code

yaml
spec:
 ...
 ingresses:
 - path: /api
   port: http
   annotations:
     nginx.ingress.kubernetes.io/proxy-body-size: '0'

In this example, an ingress is specified for the path '/api' on the port 'http'. An annotation is also attached to the ingress.

microscopic-river-74022

05/13/2024, 8:26 PM

Sources: - Local TLS example project () - Kubernetes-plugins > Remote-k8s > 3. Set Up Ingress, TLS and DNS () - Reference > Providers > kubernetes > Configuration Keys >
providers[].tlsCertificates[]
() - Reference > Action-types > Deploy > container Deploy > Configuration Keys >
spec.ingresses[]
() - Reference > Action-types > Deploy > container Deploy > Configuration Keys >
spec.ingresses[].annotations
() ---------------------- Note: you can ask me a follow up question by @ mentioning me again :speech_balloon: ----------------------

microscopic-river-74022

05/13/2024, 8:26 PM

message has been deleted

3 Views

Previous Next