SSL Certificates using Google Managed Certificate on GKE
Note: Managed certificates require clusters with masters running Kubernetes 1.12.6-gke.7 or higher.
I don’t write at medium anymore. Visit https://www.goglides.dev to join our developer community.
Photo: Dead Horse Point State Park
In goglides.com we started allowing users to map custom domain names to Tenants URL also. One of the challenges we were facing initially when we started implementing solutions is how to issue an SSL certificate for the custom domain name automatically so that we can establish a secure connection for Tenants.
Issuing and managing a certificate is not a trivial task, especially if you are trying to build the solutions from scratch. Luckily, Goglides is running on Kubernetes so it became trivial to implement a solution.
There are so many ways we can issue certificates, in this blog we are focusing on K8S cluster running on Google (GKE) using a custom resource called ManagedCertificate and ingress rules.
Clarifying Terms
Before we jump into solutions, let’s start with explaining some of the technology we are using here,
Ingress
As per the official definition, Ingress is an,
