HSkogmo
commented
6 years ago I think this falls a little outside of the scope of the project, but I'll chime in.
SSL would typically be terminated at the edge of the cluster, so that could be a Load Balancer which would have to be aware of the SSL certificates involved.
If you're on AWS and are using Elastic Load Balancers (ELBs) then you're better served using the issued AWS SSL certs (see the services.aws.yaml file). Before you create that service you have to request a certificate in AWS Certificate Manager. Or, I suppose you can import a Let's Encrypt certificate.
I don't know how this would fit together on other cloud vendors, so your milage might vary.
So let's say you don't have a cloud native Load Balancer available in your environment. I suppose then you could use a k8s load balancer with an ingress controller that supports automatic Let's Encrypt request and renewal, like Traefik.
Maybe this is helpful as well: https://blog.osones.com/en/kubernetes-ingress-controller-with-traefik-and-lets-encrypt.html
Hi, i have a question. how i can implement ssl like lets encrypt?