Create DNS Record for preview URL

Click Create record on the target domain page in the Route53 dashboard and create a record with the following values:

  • Record name: *
  • Record type: A
  • Value: Public IP address of EC2 instance

Through this process, the root domain with the registered record is assigned as a preview URL for the service deployed on the dashboard.

You can verify if the record has been propagated to the nameserver using the following command:

dig "<registered domain>"

Install Cert Manager

Run the following commands to install Cert Manager:

helm repo add jetstack https://charts.jetstack.io
helm repo update

helm install \
     cert-manager jetstack/cert-manager \
     --namespace cert-manager \
     --create-namespace \
     --version v1.15.3 \
     --set crds.enabled=true

ClusterIssuer & TLS Certificates

Use the following command to create the ClusterIssuer and TLS certificate:

cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Secret
metadata:
  name: aws-secret-access-key
  namespace: cert-manager
type: Opaque
stringData:
  aws-secret-access-key: $AWS_SECRET_ACCESS_KEY
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: ale-issuer
  namespace: cert-manager
spec:
  acme:
    email: $ACME_EMAIL
    server: https://acme-v02.api.letsencrypt.org/directory
    privateKeySecretRef:
      name: ale-issuer
    solvers:
      - http01:
          ingress:
            class: nginx
      - dns01:
          route53:
            region: $AWS_REGION
            hostedZoneID: $AWS_HOSTED_ZONE_ID
            accessKeyID: $AWS_ACCESS_KEY_ID
            secretAccessKeySecretRef:
              name: aws-secret-access-key
              key: aws-secret-access-key
        selector:
          dnsZones:
            - $AWS_DOMAIN
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: ale-app-tls
  namespace: cert-manager
spec:
  dnsNames:
    - "*.$AWS_DOMAIN"
  issuerRef:
    kind: ClusterIssuer
    name: ale-issuer
  secretName: ale-app-tls
EOF

Setup Ingress in ale

Access ale at https://app.[domain], create an administrator, and complete the installation.

Enter the root domain in the preview domain field.

Enter the following values in the network section of the settings tab in the cluster page and click Apply.

  • Preview domain: Connected root domain
  • Use HTTPS
    • Activate: Internet environment
    • Inactivate: Intranet/closed network environment
  • Certificate secret name: ale-app-tls
  • Certificate secret namespace: cert-manager
  • Certificate issuer: ale-issuer
  • Ingress class: nginx
  • Load balancer type: NodePort

You can access the operations system by clicking the space name in the dashboard.

The operations system menu is only displayed for accounts with access permissions to the operations system.

Access ale Dashboard

Click Back in the top left of the operations system or access ale at https://app.[domain] and complete the signup process to use the developer dashboard.

You can use managed container registries, such as AWS ECR, as the repository for built images. If no container registry is connected, images are managed using the Docker Engine running in the local environment.

Refer to the cards below for instructions on using the operations system and developer dashboard.

operations system Guide

Developer Guide