how to provide ingresses in spec with proper tls c...
# 🤖|ask-kapa
c
@microscopic-river-74022 how to provide ingresses in spec with proper tls certificate
m
Please stand by @colossal-salesclerk-87522 as I search the knowledge base. I normally take about 20 seconds or so. :wave:
---------------------- To provide ingresses in the spec with a proper TLS certificate, you need to follow these steps: 1. **Create a TLS Certificate**: You can use a tool like mkcert () to generate a local certificate for development. After installing mkcert, you can generate a certificate with a command like
mkcert garden.dev '*.garden.dev'
. Remember to replace 'garden.dev' with your preferred hostname. 2. **Create a Kubernetes Secret with your Certificate**: Once you have your certificate and key, you need to create a Kubernetes Secret that can be referenced when deploying services. You can do this with a command like
kubectl create secret tls mydomain-tls-secret --key <path-to-key-file> --cert <path-to-crt-file>
. Replace '' and '' with the paths to your key and certificate files respectively. 3. **Configure the Certificate in Garden**: In your Garden configuration, you can specify one or more certificates to use for ingress under the
providers[].tlsCertificates[]
field. The type for this field is
array[object]
, and it is not required by default. 4. **Specify Ingresses in the Spec**: In the spec for your container deployment, you can list the ingress endpoints that your service exposes under the
spec.ingresses[]
field. This field is also of type
array[object]
and is not required by default. You can also attach annotations to the ingress under the
spec.ingresses[].annotations
field. Here is an example of how you might specify ingresses in the spec:
Copy code
yaml
spec:
 ...
 ingresses:
 - path: /api
   port: http
   annotations:
     nginx.ingress.kubernetes.io/proxy-body-size: '0'
In this example, an ingress is specified for the path '/api' on the port 'http'. An annotation is also attached to the ingress.
Sources: - Local TLS example project () - Kubernetes-plugins > Remote-k8s > 3. Set Up Ingress, TLS and DNS () - Reference > Providers > kubernetes > Configuration Keys >
providers[].tlsCertificates[]
() - Reference > Action-types > Deploy > container Deploy > Configuration Keys >
spec.ingresses[]
() - Reference > Action-types > Deploy > container Deploy > Configuration Keys >
spec.ingresses[].annotations
() ---------------------- Note: you can ask me a follow up question by @ mentioning me again :speech_balloon: ----------------------
message has been deleted