Skip to content

Latest commit

 

History

History
57 lines (44 loc) · 2.38 KB

guide_subdomain_tunnel.md

File metadata and controls

57 lines (44 loc) · 2.38 KB

Argo Tunnels for Subdomains

A guiding to setting up subdomain tunnels.

Setup Your First Tunnel generates and installs a certificate matching mydomain.com and *.mydomain.com. To configure tunnels for subdomains, we'll need to generate additional certificates.

The guide builds on Setup Your First Tunnel.

subdomain.mydomain.com is a place holder. Updated the value to match your Cloudflare domain.

Step 1: Create a Subdomain Certificate

Certificates are located under Crypto on the Cloudflare dashboard.

  • Browse to Crypto.
  • Click Create Certificate.
  • Select the private key type ECDSA.
  • Set domains subdomain.mydomain.com and *.subdomain.mydomain.com.
  • Click Next.
  • Save both the Private Key and Certificate to a file cert.pem.

Save the entire contents with-in and including the section tags.

Step 2: Append the Tunnel Token

awk '/BEGIN.*TUNNEL/{mark=1}/END.*TUNNEL/{print;mark=0}mark' ~/.cloudflared/cert.pem >> cert.pem

Step 3: Deploy the Tunnel Secret

kubectl create secret generic subdomain.mydomain.com --from-file="cert.pem"
kubectl label secret subdomain.mydomain.com "cloudflare-argo/domain=subdomain.mydomain.com"

Create the secret in the same namespace as the controller deployment. Adjust subdomain.mydomain.com to match your Cloudflare domain.

Step 4: Attach a Tunnel

When the controller observes the creation of an ingress, it verifies that the referenced service, endpoints, and secret exists and opens a tunnel between the Cloudflare receiver and the kubernetes virtual service ip.

kubectl apply -f deploy/echo.yaml

Adjust the Ingress host echo.subdomain.mydomain.com to match your Cloudflare domain.

Step 5: Verify the Tunnel

The tunnel will be visible under DNS on the Cloudflare dashboard.

Adjust the Ingress host echo.subdomain.mydomain.com to match your Cloudflare domain.