Part 3: How to Install an SSL Certificate in MicroK8s for HTTPS URLs | alvianaufan
Highlights:
Search for:
Mas AL
log in

BLOG IT SYSADMIN

Daftar akun digitalocean untuk mendapatkan free credit 100$.
DigitalOcean Referral Badge
kubernetes SSL ubuntu

Part 3: How to Install an SSL Certificate in MicroK8s for HTTPS URLs

By
How to Install an SSL Certificate in MicroK8s for HTTPS URLs

This guide will walk you through the process of installing an SSL certificate in a MicroK8s Kubernetes cluster to enable HTTPS for your applications.

Prerequisites

Before you begin, ensure you have the following:

  1. MicroK8s installed on your server.
  2. kubectl command-line tool configured to interact with your MicroK8s cluster.
  3. A domain name pointing to your server’s IP address.
  4. Upload SSL Certificate Files to Kubernetes Nodes by ftp connection.
  5. An SSL certificate for your domain. You can obtain a free certificate from Let’s Encrypt or purchase one from a Certificate Authority.



Steps

1. Install the Ingress Add-on

MicroK8s includes an Ingress controller add-on that simplifies the setup of HTTPS for your applications.

Run the following command to enable the Ingress add-on:

microk8s enable ingress

 

2. Create a Kubernetes Secret for Your SSL Certificate

To use your SSL certificate with the Ingress controller, you need to create a Kubernetes Secret that stores your certificate and private key.

Cara Replication Database MariaDB (Master-Slave)
Trending

Cara Replication Database MariaDB (Master-Slave)

Assuming you have your certificate (cert.crt) and private key (key.key) files, use the following command to create the secret:

microk8s kubectl create secret tls alvian-website-tls --cert=path/to/tls.crt --key=path/to/tls.key -n <namespace>
  • Replace alvian-website-tls with a name that suits your application.



3. Configure an Ingress Resource

Create an Ingress resource to route traffic to your service and use the SSL certificate.

Create a YAML file named ingress.yaml with the following content:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: alvian-website-ingress
  namespace: default
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
    nginx.ingress.kubernetes.io/affinity: cookie
    nginx.ingress.kubernetes.io/session-cookie-name: "route"
    nginx.ingress.kubernetes.io/session-cookie-hash: "sha1"
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
    nginx.ingress.kubernetes.io/proxy-body-size: 10m  # Optional: Adjust as needed
spec:
  tls:
  - hosts:
    - website.alvianaufan.my.id
    secretName: alvian-website-tls
  rules:
  - host: website.alvianaufan.my.id
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: alvian-website-service
            port:
              number: 5001
  • Replace website.alvianaufan.my.id with your actual domain and alvian-website-service with the name of your Kubernetes service.

4. Apply the Ingress Resource

Apply the Ingress configuration to your cluster with the following command:

microk8s kubectl apply -f path/to/your-ingress.yaml

 

5. Verify the Setup




After applying the Ingress resource, you can verify that your application is accessible over HTTPS by visiting https://website.alvianaufan.my.id in your web browser.

If everything is set up correctly, you should see the SSL certificate applied, and your site will load over HTTPS.

Troubleshooting

  • Certificate Errors: Ensure that the certificate and private key match and are correctly specified in the Kubernetes secret.
  • Ingress Not Working: Check the status of the Ingress controller with microk8s kubectl get pods -n ingress. Look for any errors or pending states.

Conclusion

You have successfully installed an SSL certificate in MicroK8s and configured your application to be accessible via HTTPS. This setup ensures secure communication between clients and your application.

Related Posts

Write A Comment