Expose a Kubernetes service on your own custom domain
Published on

Expose a Kubernetes service on your own custom domain

Author
Written by Peter Jausovec
    Contents
  1. What do you need?
  2. Accessing Kubernetes from the outside
  3. Pointing your domain to the cluster
  4. Test it out!
Discuss on Discord
You have finally deployed your application to Kubernetes and you bought a cool domain name — ever wondered how to point your cool domain like www.mydomain.com, but cooler, to an application running inside Kubernetes? Well, read on and I'll try to explain how to do just that!

What do you need?

Before we get started, make sure you have the following:
  • Kubernetes cluster and access to it (i.e. so you can deploy stuff)
  • Your application running in the Kubernetes cluster
  • Registered domain name (I am using Name.com for my domains, but any other registrar works as well)
  • Helm

Note

Note: I am using the word application to represent your code that runs in your cluster and you want to access it through the domain name. Your code is running inside of a Docker image and a Kubernetes pod that's part of a deployment and is exposed through a Kubernetes service. But application is what I'll use to refer to all this.
Here are the rough steps to follow to hook up the domain with your service:
  • Create an Ingress resource
  • Deploy the Ingress controller
  • Update the domain records to point to the clusters

Accessing Kubernetes from the outside

A Kubernetes resource called Ingress is what manages external access to the applications running inside the cluster. With ingress, you can define rules that tell Kubernetes how to route external traffic to your application. Here's how an example Ingress resource looks like:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: my-ingress
  annotations:
    kubernetes.io/ingress.class: nginx
spec:
  rules:
    - host: www.mycoolapp.mydomain.com
      http:
        paths:
          - path: /
            backend:
              serviceName: mycoolapp
              servicePort: 80
However, this resource alone is not enough — you also need a controller that knows how to direct the traffic. I will be using the Nginx Ingress Controller, but there are others you could use as well (check out more docs on different ingresses). We will be using Helm to deploy the nginx-ingress chart like this:
helm install stable/nginx-ingress
The above command takes care of installing the NGINX controller and a default backend. Default backend is an ‘app' that the ingress will point to by default or in case there are no services defined. As part of the NGINX controller you will also get a service with type LoadBalancer — this is where we you point your domain to.

Note

Note that there are a plethora of buttons and knobs you can adjust and twist when deploying the controller — there's a whole list of them here.
With the NGINX ingress controller deployed, let's figure out what the IP address of the cluster is by running this command:
kubectl get services --all-namespaces
Above command will list out all Kubernetes services running in all namespaces. What you are interested in is any service of type LoadBalancer and any service that has an external IP set (it's usually the same service). Here's how a sample output of the command would look like:
virtuous-gopher is the name Helm picked for the Nginx controller
virtuous-gopher is the name Helm picked for the Nginx controller
The value that's grayed out next to the *nginx-ingress-controller service in the image above is what you need. This is the IP address you will point your domain to.
Or, if you want to be more fancy, you can also run the command below that will filter all services by their type (LoadBalancer) and return you the name and the IP address:
kubectl get svc --all-namespaces -o jsonpath='{range .items[?(@.spec.type=="LoadBalancer")]}{.metadata.name}:{.status.loadBalancer.ingress[0].ip}{"\n"}{end}'

Pointing your domain to the cluster

Depending on where you registered your domain, the steps might be a bit different, but the gist is the same — you need to create an A and CNAME DNS records to point your domain (host) to the cluster.
My registrar is Name.com, but I am pretty sure other registrars have some good docs on how to do this as well.
Heavily redacted view of the DNS records for my domain
Heavily redacted view of the DNS records for my domain
Here's what I did: on Name.com I went to my domain and opened the DNS records tab. From there, I was able to add an A record with the host called www.mycoolapp.mydomain.com and as an answer, I entered my clusters IP address.
Similarly, I created a CNAME record and pointed mycoolapp.mydomain.com to the cluster host name (usually, you can find this in your cloud providers settings). You don't have to provide a CNAME, an A record is enough. Note that if you don't provide the CNAME, then mycoolapp.mydomain.com will not resolve to your application!

Test it out!

Fire up your favorite terminal or browser and navigate to mycoolapp.mydomain.com. Tadaaa — you should be able to get a response back (in my case, the application I deployed was a simple NGINX container, thus the default NGINX page)
Yes, I own containers.social domain… and bunch more that I'll never use
Yes, I own containers.social domain… and bunch more that I'll never use
Join the discussion
SHARE THIS ARTICLE
Peter Jausovec

Peter Jausovec

Peter Jausovec is a platform advocate at Solo.io. He has more than 15 years of experience in the field of software development and tech, in various roles such as QA (test), software engineering and leading tech teams. He's been working in the cloud-native space, focusing on Kubernetes and service meshes, and delivering talks and workshops around the world. He authored and co-authored a couple of books, latest being Cloud Native: Using Containers, Functions, and Data to Build Next-Generation Applications.

Related posts

Your first Kubernetes Pod and ReplicaSet (LABS)
Kubernetes

Your first Kubernetes Pod and ReplicaSet (LABS)

You've created your Kubernetes cluster and now it's time to put it to use. In this second lab you'll create your first Kubernetes Pod and your first Kubernetes ReplicaSet

Peter Jausovec

Peter Jausovec

Kubernetes Ingress and Istio Gateway Resource
Service Mesh

Kubernetes Ingress and Istio Gateway Resource

By default, any service running inside the service mesh is not automatically exposed outside of the cluster which means that we can't get to it from the public Internet. Similarly, services within the mesh don't have access to anything running outside of the cluster either.

Peter Jausovec

Peter Jausovec

Traefik Proxy 2.x and TLS 101
General

Traefik Proxy 2.x and TLS 101

The challenge that I'll explore today is that you have an HTTP service exposed through Traefik Proxy and you want to deal with the HTTPS burden (TLS termination), leaving your pristine service unspoiled by mundane technical details.

Gérald Croës

Gérald Croës

Six things to keep in mind when working with Dockerfiles
Docker

Six things to keep in mind when working with Dockerfiles

I have been using Docker directly or indirectly for years now. During that time I shot myself in the foot multiple times by not following suggestions and good practices. I have collected tips and practices and separated them into multiple categories. I am calling these categories Dockerfiles, images, and containers. The first part talks about Dockerfiles - I have included 6 tips and practices you should try and adopt.

Peter Jausovec

Peter Jausovec

How to apply Istio DestinationRule across the mesh?
Service Mesh

How to apply Istio DestinationRule across the mesh?

An interesting question came up today in Istio Slack where someone asked if and how one can apply DestinationRules globally to all workloads inside the cluster. The short answer is yes, and this article will explain how to do it.

Peter Jausovec

Peter Jausovec

What are sticky sessions and how to configure them with Istio?
Service Mesh

What are sticky sessions and how to configure them with Istio?

The idea behind sticky sessions is to route the requests for a particular session to the same endpoint that served the first request. That way to can associate a service instance with the caller, based on HTTP headers or cookies. You might want to use sticky sessions if your service is doing an expensive operation on first request, but later caching the value. That way, if the same user makes the request, the expensive operation will not be performed and value from the cache will be used.

Peter Jausovec

Peter Jausovec

;