Anyway to get both HTTPS and CDN in GKE?

8/1/2019

My goal is to run multiple sites in a cluster (GKE). Here is what I'm trying to achieve:

  • Each site should be on HTTPS (using cert-manager and letsencrypt) with HTTP/2
  • Should be possible to enable Google CDN in the load balancer

Method 1: I tried both https://www.getambassador.io/ and https://github.com/kubernetes/ingress-nginx. But both of them created TCP/UDP (layer 4) load balancer which doesn't allow CDN to be enabled

Method 2: Later I tried default Ingress(https://cloud.google.com/kubernetes-engine/docs/tutorials/http-balancer) provided by GKE (layer 7), which creates HTTP(s) load balancer instead of TCP/UDP. CDN worked in this case. But I couldn't configure cert-manager. Couldn't find any docs for that. Not sure whether this load balancer terminates SSL by default which cannot be changed. I think there is also a limit of 15 domains in load balancer for SSL

Method 1 doesn't support CDN and Method 2 doesn't support cert-manager! Could find a way to get both HTTPS and CDN

Is there any way to get this work?

-- Gijo Varghese
google-kubernetes-engine
kubernetes
kubernetes-ingress
nginx-ingress

0 Answers