diff --git a/docs/uplink/expose-tunnels.md b/docs/uplink/expose-tunnels.md index 02c1696..7ee38ac 100644 --- a/docs/uplink/expose-tunnels.md +++ b/docs/uplink/expose-tunnels.md @@ -6,7 +6,7 @@ Any tunnelled service can be accessed directly from within the cluster using a ClusterIP Service and does not need to be exposed to the public Internet in order to be used by a SaaS product. -Each inlets uplink tunnel is provisioned with a ClusterIP service that you can access internally within the cluster. The same service can be used to expose the tunnel to the public Internet using an Ingress resource. This approach is recommended for new users for dozens of tunnels. +Each inlets uplink tunnel is provisioned with a ClusterIP service that you can access internally within the cluster. The same service can be used to expose the tunnel to the public Internet using an Ingress resource. The uplink operator can be configured to automatically generate ingress resources for tunnels. This approach is recommended for new users for dozens of tunnels. [![Each tunnel's data-plane is exposed via a separate Ingress and Certificate](/images/uplink/ingress-per-data-plane.png)](/images/uplink/ingress-per-data-plane.png) > Each tunnel's data-plane is exposed via a separate Ingress and Certificate @@ -35,6 +35,8 @@ Both tunnels can be created with `kubectl` using the Custom Resource Definition, licenseRef: name: inlets-uplink-license namespace: tunnels + ingressDomains: + - grafana.example.com --- apiVersion: uplink.inlets.dev/v1alpha1 kind: Tunnel @@ -45,16 +47,20 @@ Both tunnels can be created with `kubectl` using the Custom Resource Definition, licenseRef: name: inlets-uplink-license namespace: tunnels + ingressDomains: + - openfaas.example.com EOF ``` === "cli" ```bash - $ inlets-pro tunnel create grafana + $ inlets-pro tunnel create grafana \ + --ingress grafana.example.com Created tunnel openfaas. OK. - $ inlets-pro tunnel create openfaas + $ inlets-pro tunnel create openfaas \ + --ingress openfaas.example.com Created tunnel openfaas. OK. ``` @@ -62,23 +68,22 @@ Follow the instruction for Kubernetes Ingress or Istio depending on how you depl ## Expose the Tunnel with Ingress -1. Create a new certificate Issuer for tunnels: +1. Create a new certificate Issuer for tunnels. ```bash export EMAIL="you@example.com" - cat > tunnel-issuer-prod.yaml < letsencrypt-prod-tunnels <