3. Set Up Ingress, TLS and DNS
By default, Garden will not install an ingress controller for remote environments. This can be toggled by setting the
nginx. Alternatively, you can set up your own ingress controller, e.g. using Traefik, Ambassador or Istio. You can find an example for using Garden with Istio in our examples directory.
You'll also need to point one or more DNS entries to your cluster, and configure a TLS certificate for the hostnames you will expose for ingress.
Templating the ingress to the application enables you to have DNS entries for every developer's namespace.
First, you will make DNS CNAME entry that points to the load balancer in front of your cluster. We recommend setting a wildcard in front of the proper record, e.g. *...com.
If you are manually creating or obtaining the certificates (and you have the
.keyfiles), create a Secret for each cert in the cluster so they can be referenced when deploying services:
kubectl create secret tls mydomain-tls-secret --key <path-to-key-file> --cert <path-to-crt-file>
Once you have completed the set up, make note of hostname.
If you're storing certs as Kubernetes Secrets, also make note of their names and namespaces.