Skip to content

fbeltrao/aks-letsencrypt

Repository files navigation

Add TLS to AKS Ingress

This repository demonstrates how to add Kubernetes Ingress to a cluster in Azure Kubernetes Services. Moreover, it covers adding TLS termination to custom domain (i.e. www.example.com) using Let's Encrypt free services.

Motivation

I own a Visual Studio subscription which gives me monthly Azure credits. I want to optimize the credits usage to run my blog and temporary experiments seamlessly. Additionally, I would like to use my own domain.

Since I don't expect continuous and high load in any of the workloads a good option is to use AKS with B-series VMs. In short, B-series VMs store credits during low load, spending them during higher load. It is perfect for burst/seasonal workloads.

The end solution is looks like this:

End solution

New deployments should be able to create TLS terminated sub-domains.

Step by step guide

  1. Use Azure DNS for a domain
  2. Create AKS Cluster
  3. Install NGINX Ingress
  4. Install Certicate Manager with http validation
  5. Setup wildcard certificates with Azure DNS validation
  6. Ingress to external URL

References