Ingress with Self-managed Certificate

Release Notice

GoodData.CN ready for Kubernetes will be published during May 2021. Stay tuned and watch

TODO - these pages need to be revisited and updated after TLS and Organizations updates.

Assuming you have private key in file tls-private-key.pem, CA-signed certificate and CA certificate in file tls-certificate.pem. Create Kubernetes namespace where the GoodData.CN will be deployed and prepare Secret within this namespace.

$ kubectl create namespace gooddata-cn
namespace/gooddata-cn created

$ kubectl -n gooddata-cn create secret tls gooddata-cn-tls --cert=tls-certificate.pem --key=tls-private-key.pem
secret/gooddata-cn-tls created

You will refer to this Secret later, during installation of the application Helm chart.

Warning

Note that you are responsible for certificate renewal. Since it’s not possible to update uploaded certificate, create a new certificate object with renewed certificate and update its name in Ingress object.

Cert-manager Integration with Let's Encrypt