DEV Community

Khaly DeThylis
Khaly DeThylis

Posted on

GKE : use local domain (OSX)

I have a GKE cluster & I want to try ingress with a fake localhost dns like https://main.local

set a local dns to your ingress external IP

/etc/hosts :

# Host Database
# localhost is used to configure the loopback interface
# when the system is booting.  Do not change this entry.
##   localhost docker.for.mac.localhost broadcasthost
::1             localhost   main.local

Generate SSL cert with letsencrypt:

e.g : ssl for https://main.local

openssl req -x509 -out main.crt -keyout main.key \
  -newkey rsa:2048 -nodes -sha256 \
  -subj '/CN=main.local' -extensions EXT -config <( \
   printf "[dn]\nCN=main.local\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:main.local\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth")

Create Secret TLS on your K8S cluster

kubectl create secret tls tls-main --key main.key --cert main.crt

Put it in your Ingress

here I use Contour proxy

main-route.yaml :

kind: HTTPProxy
  name: main-httpproxy
  namespace: default
    fqdn: main.local
      secretName: tls-main
    - services:
        - name: myservice
          port: 80

Set cert trust on OSX

  • Launch Application/Utilities/Keychain & upload your main.crt

  • set trusted always

see tuto

Top comments (0)