What are the benefits of having cert-manager configured in k8s cluster comparing to SSL-termination configured on LoadBalancer?

I’m configuring HTTPS for a website running in k8s cluster. For that I used the instructions from How To Set Up an Nginx Ingress on DigitalOcean Kubernetes Using Helm and How to Set Up an Nginx Ingress with Cert-Manager on DigitalOcean Kubernetes. In both cases they involve cert-manager.

At the same time I found out that SSL Termination on LoadBalancer side described How to Configure SSL Termination works fine for me. It even supports auto-renewal.

I wonder, why would I need to go with cert-manager approach, which looks more complicated?



Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Accepted Answer

Answering my own question: According to the article How to Configure Advanced Load Balancer Settings in Kubernetes Clusters, I’m not supposed to edit LoadBalancer’s setting directly from the Control Panel, if it was provisioned by Kubernetes Cluster. And from the practice: the changes I did in the Control Panel were reset to the initial values automatically in a few hours.