GCP: Add DNS, SSL, and Ingress support #148
Assignees
Labels
Comments
prasek
changed the title
|
Why don't you just simply use route53 as your DNS management instead of Cloud DNS? |
Route 53 = AWS I'm assuming the OP would like to be able to control DNS via GCP, and not AWS. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What problem are you facing?
Integration of dns, ssl, and ingress in crossplane. I've added these as one ticket as they are often related.
If I configure the dns, I can provision certs with a major provider, and by extension I can associate those certs with a load balancer.
Although this can be supported somewhat with self-service by applying externaldns, and cert-manager to a kubernetes target cluster with workload, it moves this out of the control of Crossplane and has downsides. Cert-manager can be less than ideal in some cases like a zero downtime migration to a different cluster, you don't get certs on cluster until the dns resolves to the new cluster, which is whatever the delay is for the dns migration.
As part of this story, full automation makes for a great demo, but we would likely also want to allow users to set a private key and ca and allow crossplane to associate this cert to any load balancer in the major providers.
How could Crossplane help solve your problem?
Example flow with GCP cloud DNS + AWS EKS to setup SSL, DNS, Ingress:
https://myhost.comFurther related reading:
GCP K8s multi-cluster ingress
google managed certs
google pre-shared certs
Import external cert to AWS ACM
Static IPs for ALBs
The text was updated successfully, but these errors were encountered: