Configuring a CNAME
Configure a Service with a CNAME
Select Use CNAME
when the URL of the service is used as a value in a CNAME.
With TLS Termination at the NGINX Controller
Follow the steps below to set up a CNAME when the TLS termination happens on the NGINX controller.
-
Configure a CNAME entry with your domain name provider.
-
Generate or copy your domain certificates and store them as a TLS secret in your team's namespace.
-
Go to the service configuration section in the Console.
-
Create a new service by selecting the k8s service and port that you want to expose.
-
Check the "Use CNAME" checkbox. Two text boxes will appear: "domain" and "tlsSecretName".
-
Fill in both text boxes accordingly. Example: domain=
demo.example.com
, tlsSecretName=my-cname-cert
. -
Click on the "Submit" button, followed by the "Deploy" button.
With TLS Termination at the Application (Pod) Level
Follow the steps below to set up a CNAME when the TLS termination happens on the application (pod) running on the cluster. It is expected that the certificates are already embedded or mounted in the application/pod.
-
Configure a CNAME entry with your domain name provider.
-
Go to the service configuration section in the Console.
-
Create a new service by selecting the k8s service and port that you want to expose.
-
Check the "TLS Passthrough" checkbox.
-
Check the "Use CNAME" checkbox. Fill the domain field(leave the tlsSecretName field empty).
-
Provide your cname domain in the text box.
-
Click on the "Submit" button, followed by the "Deploy" button.