In Getting cockroachDB running with Kubernetes I covered how to get your cockroach database orchestrated by Kubernetes. Next you’ll want to get your API running, and expose it over SSL. Normally I’d put these kind of examples on github, but there are a lot of steps and it’s better to work through them yourself, than just pulling a prebaked repo. I’m assuming you’ll be using the Google Cloud console shell to work from in all these examples and that you already have a cluster up and running as described at the beginning of Getting cockroachDB running with Kubernetes

This example will use a simple express App rather than the graphQL server, which I’ll cover in a later article, but the principle is just the same.

Here’s the target state – it’s fairly convoluted and each of these components will be covered in a series of small, digestible articles.


There are lots of articles out there, but I couldn’t find a start to finish guide for creating an app, deploying it and securely exposing it and the Kubernetes documentation goes straight into the weeds. This is my attempt to remind myself how – and if it’s useful to others, then so much the better.

The steps

Using Kube -lego (being deprecated)

Using Cert-manager (still in beta but replacing Kube-lego)

Acknowledgement to bitnami for some of the background to all of this, and without whose excellent Kubernetes examples I’d have even less idea of what I’m doing.

Why not join our forum, follow the blog or follow me on Twitter to ensure you get updates when they are available.