By ducharmemp
I’m defining some ingress services in DO K8s and seem to have run into some issues. I attempted to follow this guide here: https://www.digitalocean.com/community/tutorials/how-to-set-up-an-nginx-ingress-on-digitalocean-kubernetes-using-helm, but due to its use of CRDs not playing nicely with terraform and its total opaqueness in terms of debuggability, I’d prefer to utilize the existing load balancer annotations located here https://www.digitalocean.com/docs/kubernetes/how-to/configure-load-balancers/ to define my certificate to use, since that’s being managed by DO directly (which is my preference).
My only other two options seem to be setting up at least 4 load balancers, one for each of my subdomains which will become expensive very quickly for little reason, or setting up a proxy inside of my k8s cluster to then route the traffic, which also defeats the purpose (IMO) of having a load balancer in the first place.
As an aside, it looks like most of the annotations might work, just not this one: service.beta.kubernetes.io/do-loadbalancer-certificate-id
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Heya,
Just came across this answer and decided to write some general guidelines for anyone who comes across this in the future despite the old question.
If you are encountering issues with the use of CustomResourceDefinitions (CRDs) with Terraform, it’s worth noting that due to the extensible nature of Kubernetes, some resources like CRDs may not be fully supported by Terraform.
Regarding the use of the annotation service.beta.kubernetes.io/do-loadbalancer-certificate-id, it should work as expected. Make sure that the certificate ID you are specifying in your annotations exists, and is correctly typed.
If you are looking for an alternative to manage multiple domains/subdomains without needing multiple load balancers, you might want to consider using an Ingress Controller like Nginx or Traefik. These allow traffic routing based on hostname and path, meaning you can manage multiple subdomains with a single LoadBalancer service.
In order to get more insights into what might be causing your problem, you may need to check the status of your service/ingress objects and the event logs.
Hope that this helps!
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and AI-native businesses
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.