1. Home
  2. /
  3. Blog
  4. /
  5. Automating DNS and TLS...
Feb 8,2022 No comments yet By Origo

Automating DNS and TLS Certificates with Kubernetes

Almost every app needs a web service backend, and every web service needs a domain name. To serve content from a domain name you need a TLS certificate.
While you still need to register and pay for a domain through a registrar like Godaddy or Domain.com, TLS certificates have been provided free of charge to anyone by Let’s Encrypt since 2016.


The process for setting up a web service is basically the same every time – be it for testing, development or production:

Register a domain -> Create a web service -> Point a domain name to this web service -> Validate the service with Let’s Encrypt -> Have a TLS certificate issued -> Install the certificate to your web service

It’s a joy to finally have free TLS certificates that are issued almost instantanously, but it all does become a bit tedious after a while. You can of course use self-signed certificates for your testing and development, but in the long run it get’s a bit annoying clicking away all those browser warnings.

Since Kubernetes is all about automated operations, we thought that this particular operation could and should also be automated, especially for outfits that routinely set up a lot of testing and development environments. We looked a bit around for possibilities, and it looks like our fellow Kubernetes enthusiasts are mostly aligning behind two projects – External DNS for automating domain name provisioning, and cert-manager for automating TLS certificate provisioning. With no desire to reinvent these particular wheels, we set out to automate the above process, using these two projects. The result is a new guide, describing how to do exactly this in a Stabile environment.

Leave a Comment

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.

origo