The fastest way I found is to use the Let's Encrypt service with Route 53 integration (in my case).
Integration with Route 53 lets me validate the domain automatically.
There are a few steps:
#1. Create the namespace

```bash
kubectl create namespace cert-manager
```

#2. Add the Helm repository and install cert-manager

```bash
helm repo add jetstack https://charts.jetstack.io
helm repo update
helm install cert-manager jetstack/cert-manager --namespace cert-manager --version v1.1.0 --set installCRDs=true
```

#3. Verify that the 3 cert-manager pods are working fine

```bash
kubectl get pods -n cert-manager
```

#4. Create a secret with the AWS secret access key

```bash
# The value is quoted so the shell passes it as one argument.
# Note that a literal typed here is also recorded in your shell history.
kubectl create secret generic acme-route53 -n cert-manager --from-literal=secret-access-key='your secret here'
```

#5. Apply the manifest

```yaml
apiVersion: cert-manager.io/v1alpha2
kind: ClusterIssuer
metadata:
  name: letsencrypt-issuer
  namespace: cert-manager
spec:
  acme:
    server: https://acme-v02.api.letsencrypt.org/directory
    email: youremail
    # Secret in which cert-manager stores the ACME account private key
    privateKeySecretRef:
      name: letsencrypt-prod
    solvers:
    # Use this DNS-01 solver only for names inside the listed zone
    - selector:
        dnsZones:
        - "yourdomain"
      dns01:
        route53:
          region: eu-west-1
          accessKeyID: yourawsaccesskey
          # Secret from step #4; a ClusterIssuer reads it from the cert-manager namespace
          secretAccessKeySecretRef:
            name: acme-route53
            key: secret-access-key
```

Ingress example

```yaml
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: your-ingress
  annotations:
    nginx.ingress.kubernetes.io/use-regex: "true"
    # Ask cert-manager to issue the certificate through the ClusterIssuer above
    cert-manager.io/cluster-issuer: "letsencrypt-issuer"
spec:
  tls:
  - hosts:
    - api.example.com
    # Secret that will receive the issued certificate and key
    secretName: nginx-tls
  rules:
  - host: api.example.com
    http:
      paths:
      - path: /
        backend:
          serviceName: api-gateway
          servicePort: 8080
```

The TLS certificate will be automatically saved to the nginx-tls secret.