Let's walk through how to setup a k8 cluster on digitalocean with knative.
Start the cluster
Installing and configure the doctl tool. Then setup a cluster:
Once that's in place, make sure that you have a domain, in my case
We are going to use the knative operator to setup the install. For
this post, we will only being using
NAME READY UP-TO-DATE AVAILABLE AGE knative-operator 1/1 1 1 24h
We will now tell the operator to deploy knative serving, and we will
kourier, and set our domain to
namespace/knative-serving configured knativeserving.operator.knative.dev/knative-serving configured
And to see what the status of the deployment is:
Add default domain
Lets add the default domain serving as well.
job.batch/default-domain created service/default-domain-service created
This tells knative to use the certmanager when services get created/deleted:
cert-manager config map
Add revision garbage collection
Install helm package
certs.yaml to define how we interact with let-encrypt. I'm
going to use the http challenge here.
email@example.com with your email address.
Then apply it:
Set the domain
My domain is
gitgratitude.com – you should use yours.
Check above where we setup
configmap/config-network patched (no change)
Get the IP
ID Type Name Data Priority Port TTL Weight 280306756 A default 188.8.131.52 0 0 1800 0
Then setup a wildcard
CNAME to point to the root.
ID Type Name Data Priority Port TTL Weight 280306923 CNAME *.default default.gitgratitude.com 0 0 1800 0
Testing out a simple service
Creating service 'helloworld-go' in namespace 'default': 0.036s The Route is still working to reflect the latest desired specification. 0.064s Configuration "helloworld-go" is waiting for a Revision to become ready. 0.099s ... 17.273s ... 17.343s Ingress has not yet been reconciled. 17.416s Waiting for load balancer to be ready 17.628s Ready to serve. Service 'helloworld-go' created to latest revision 'helloworld-go-00001' is available at URL: http://helloworld-go.default.gitgratitude.com
And you should be able to hit your function now.
Look to see if a tls endpoint has been added
NAME URL LATEST AGE CONDITIONS READY REASON helloworld-go https://helloworld-go.default.gitgratitude.com helloworld-go-00001 114s 3 OK / 3 True
Look at the certificates
NAME READY SECRET AGE route-7bbf3267-6eb1-4516-bbb8-e65d81e0b968 True route-7bbf3267-6eb1-4516-bbb8-e65d81e0b968 62s
* SSL connection using TLSv1.2 / ECDHE-RSA-CHACHA20-POLY1305 * ALPN, server accepted to use h2 * Server certificate: * subject: CN=helloworld-go.default.gitgratitude.com * start date: Dec 7 10:28:31 2021 GMT * expire date: Mar 7 10:28:30 2022 GMT * issuer: C=US; O=(STAGING) Let's Encrypt; CN=(STAGING) Artificial Apricot R3 * SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway. * Using HTTP2, server supports multi-use * Connection state changed (HTTP/2 confirmed) * Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0 * Using Stream ID: 1 (easy handle 0x120012a00) * Connection state changed (MAX_CONCURRENT_STREAMS == 2147483647)! * Connection #0 to host helloworld-go.default.gitgratitude.com left intact