Bobcares
Client Area
Emergency Support
Google cloud platform | Latest

Google Cloud Kubernetes SSL – Quick way to install it

by | Apr 13, 2020

Looking for a way to install Google Cloud Kubernetes SSL? We’ll help you.

Web apps that run on Google cloud instances require SSL to make it secure.

This involves modifying the instance configuration, adding certificates, pointing to the correct IP address, etc.

At Bobcares, we frequently receive such requests as part of our Google Cloud Support Services.

Today, we’ll see how we set up SSL for an app running on Google cloud instances.

 

A closer look on Google Cloud, Kubernetes

Let’s begin by having a closer look at Google Cloud and related services.

Google offers cloud computing services under the name Google Cloud Platform. This helps in creating cloud servers easily.

Similarly, Google Kubernetes Engine aka GKE works as a quick tool for automating container creation, scaling up, etc. Thus, in effect, managing cloud instances becomes too easy.

Therefore, many users host their applications on Google Cloud instances. This gives them an option to create cost-efficient servers. Here, they can begin with only a few resources and scale up as traffic increases.

 

Why we need Google Cloud Kubernetes SSL

Often many hosting applications require SSL when they handle confidential information. This involves e-commerce sites that record credit card information of the users or apps that collect customer-specific details.

Any sort of tampering these details will lead to the loss of website reputation. Therefore, app owners protect the stealing attempts by adding an SSL certificate.

We need to enable HTTPS on api.websitexx.com. It is running on Google Cloud Kubernetes instance. Can you please help with it?

That was a recent HelpDesk request that we received.

The customer wanted to secure all the traffic to his website using Google Managed SSL certificates.

 

Steps to install Google Cloud Kubernetes SSL

Moving on, we’ll check the exact steps that our Cloud Engineers used to secure the app for the customer.

It’s worth now to understand a few facts about Google cloud instances.

In Google Kubernetes Engine, we normally use Ingresses to create HTTPS load balancers with automatically configured SSL certificates. A Kubernetes Ingress is a set of rules that allows inbound traffic to reach the Google cluster’s services.

Moreover, the Google-managed SSL certificates automatically provision, renew, and manage SSL certs for the domain names.

 

Create an HTTPS load balancer

As the first step, we created a load balancer in Google Cloud console. Here, we made sure to select the type of Load Balancer as HTTP.

Here, the website should have the IP address unchanged. Therefore, we selected the IP address as static too. The load balancer configuration looked like:

Google Cloud Kubernetes SSL

 

Modify DNS

Secondly, we configured the domain to point to the new static IP address of the load balancer. We did this by editing the DNS of the domain at the nameservers.

Here again, the IP changes would take a few hours to propagate on the internet. Thus, we proceeded with the next step only after the DNS update.

DNS resolution problems can result in SSL certificate provisioning failures.

 

Configure Kubernetes Ingress

It’s now time to provision the SSL certificate. Basically, this involves creating a managed certificate and adding it to the clusters YAML file.

First, we created a ManagedCertificate resource.
This resource specifies the domain that the SSL certificate will be created for. Wildcard domains are not supported.
Here, we replaced the domain name with our website name. Then we saved the ManagedCertificate manifest to a filed named mywebsite-certificate.yaml.

Similarly, we created files for service-name and service port.

Finally, we saved the manifest as a file named mywebsite-ingress-name.yaml

Then created the Ingress with the following command:

kubectl apply -f mywebsite-ingress.yaml

To confirm the status of the SSL we used:

kubectl describe managedcertificate mywebsite-certificate

The result displayed Status:CertificateStatus: Active

Later we checked the website in the browser using the https:// secure link.
Thus we successfully installed SSL on the app running on the cloud instance.

[Need help to secure your app on Google Cloud instance? We’ll help you.]

 

Conclusion

In short, the steps to set up Google Cloud Kubernetes SSL using managed certificates involve adding an HTTP Load balancer together with Ingress file configuration. Today, we saw how our Cloud Engineers secured an app for our Google Cloud customer.

Related posts:

  1. GKE VS GCE – Let’s discuss it in detail!!
  2. Migrate WordPress to Google Cloud
  3. Google Cloud Error code 4003 – How can we fix it?
  4. Google Cloud SQL Connection Timeout – How to fix

PREVENT YOUR GOOGLE CLOUD FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our Google Cloud experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

GET STARTED

var google_conversion_label = "owonCMyG5nEQ0aD71QM";

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

server management

Spend time on your business, not on your servers.

TALK TO US

Or click here to learn more.

Related Articles

  1. GKE VS GCE – Let’s discuss it in detail!!
  2. Migrate WordPress to Google Cloud
  3. Google Cloud Error code 4003 – How can we fix it?
  4. Google Cloud SQL Connection Timeout – How to fix

Never again lose customers to poor
server speed! Let us help you.

GET STARTED