Ingress-nginx: Document ingress.gcp.kubernetes.io/pre-shared-cert annotation

Created on 8 Mar 2017  路  10Comments  路  Source: kubernetes/ingress-nginx

Update GLBC documentation with this annotation + usage.

Follow up work to https://github.com/kubernetes/ingress/pull/291.

Please assign to me.

picture tonglil
👍3

Most helpful comment

@tlbdk sorry!

gcloud compute ssl-certificates create my-cert --certificate=${CERT_LOCATION} --private-key=${KEY_LOCATION} --project=my-project

gcloud compute addresses create my-ip --global

---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: my-ingress
  annotations:
    kubernetes.io/ingress.allow-http: "false"                        # Disable port 80 access (see caveats)
    kubernetes.io/ingress.global-static-ip-name: "my-ip"             # Name of the static global IP address in GCP
    ingress.gcp.kubernetes.io/pre-shared-cert: "my-cert"             # Name of the TLS certificate in GCP
spec:
  backend:
    serviceName: my-service                                          # Service type NodePort resource to expose
    servicePort: 80                                                  # Port of the Service
picture tonglil on 26 Jun 2017
👍7

All 10 comments

How does the syntax look, it would be nice with just a copy/paste in this issue so there at least where something until the documentation was written?

tlbdk picture tlbdk on 26 Jun 2017

@tlbdk sorry!

gcloud compute ssl-certificates create my-cert --certificate=${CERT_LOCATION} --private-key=${KEY_LOCATION} --project=my-project

gcloud compute addresses create my-ip --global

---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: my-ingress
  annotations:
    kubernetes.io/ingress.allow-http: "false"                        # Disable port 80 access (see caveats)
    kubernetes.io/ingress.global-static-ip-name: "my-ip"             # Name of the static global IP address in GCP
    ingress.gcp.kubernetes.io/pre-shared-cert: "my-cert"             # Name of the TLS certificate in GCP
spec:
  backend:
    serviceName: my-service                                          # Service type NodePort resource to expose
    servicePort: 80                                                  # Port of the Service
tonglil picture tonglil on 26 Jun 2017
👍7

Thanks, just what I needed :)

tlbdk picture tlbdk on 26 Jun 2017

does this work with any ingress controller? for example can I use this with traefik ingress controller on GKE? @tonglil

ptagr picture ptagr on 27 Sep 2017

No, this annotation is GCE specific.

tonglil picture tonglil on 27 Sep 2017
👍1

Where is ingress.gcp.kubernetes.io/pre-shared-cert documented in GCP docs?

This is the only reference I can find online.

gajus picture gajus on 15 Mar 2019
👍1

@gajus here: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-multi-ssl

joaoferrao picture joaoferrao on 9 May 2019

@gajus here: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-multi-ssl

There is currently no mention of ingress.gcp.kubernetes.io/pre-shared-cert on that page.

cachvico picture cachvico on 22 Aug 2019

@cachvico The documentation page specifcally mentions that in the Specifying certificates for your Ingress section which contains instructions for both Pre Shared certificates or certificates stored in a secrets object.

joaoferrao picture joaoferrao on 22 Aug 2019

@joaoferrao beg pardon.

For future readers coming from a Google search on ingress.gcp.kubernetes.io/pre-shared-cert (which lists this issue before the doc page), click the "PRE-SHARED CERTS" tab in the section Specifying certificates for your Ingress.

cachvico picture cachvico on 22 Aug 2019
👍2
Was this page helpful?
0 / 5 - 0 ratings

Related issues

cabrinoob picture cabrinoob  路  3Comments
boazj picture boazj  路  3Comments
juliohm1978 picture juliohm1978  路  3Comments
cxj110 picture cxj110  路  3Comments
geek876 picture geek876  路  3Comments