- Created Route53 zone vovayartsev.dyn.tixey.fom
- Registered wildcard certificate
- Created Cluster with KOPS
- Installed HELM (helm init)
- Configured ssl arn:xxxxx:xxxxx and installed democluster chart (usually Newrelic and elastic.co configurations go into “cluster” chart too)
- MANUALLY created wildcard record in DNS (not used route53-mapper b/o additional IAM permissions)
- Specified values in values.yaml for demoapp chart
- Installed demoapp chart into —namespace=feature-123 under —name=feature-123
- Installed demoapp chart into —namespace=feature-456 under —name=feature-456
PROS OF APPROACH
- HTTPS redirects out of the box
- Ingress settings live in demoapp,
- Revisions are hard-coded in values.yaml and can be pushed between environments
PROS OF ELB
- No need to track SSL expiry (even Microsoft is guilty of this)
- Min config, max security (fixing outdated TLS algorithms / Heartbleed etc)
PROS OF KOPS
- 10x more stars in Github
- blessed by AWS
IDEAS