What are the benefits of having cert-manager configured in k8s cluster comparing to SSL-termination configured on LoadBalancer?

Question

I’m configuring HTTPS for a website running in k8s cluster. For that I used the instructions from How To Set Up an Nginx Ingress on DigitalOcean Kubernetes Using Helm and How to Set Up an Nginx Ingress with Cert-Manager on DigitalOcean Kubernetes.
In both cases they involve cert-manager.

At the same time I found out that SSL Termination on LoadBalancer side described How to Configure SSL Termination works fine for me. It even supports auto-renewal.

I wonder, why would I need to go with cert-manager approach, which looks more complicated?

Thanks

Answer 1

muradx June 14, 2020

Answering my own question:
According to the article How to Configure Advanced Load Balancer Settings in Kubernetes Clusters, I’m not supposed to edit LoadBalancer’s setting directly from the Control Panel, if it was provisioned by Kubernetes Cluster.
And from the practice: the changes I did in the Control Panel were reset to the initial values automatically in a few hours.

Reply Report

Related

Question

What are the benefits of having cert-manager configured in k8s cluster comparing to SSL-termination configured on LoadBalancer?

Related

Leave a comment

Looking for something else?

Sign up for our newsletter

Related

Question

What are the benefits of having cert-manager configured in k8s cluster comparing to SSL-termination configured on LoadBalancer?

Related

Leave a comment

Related

question

How can I customize healthcheck to make LB available

question

Can't get load balancer in a healthy state

question

Load Balancing service over HTTPS and handling node failures.

question

Private cluster networking (k8s beta)

Looking for something else?