I am currently using GCP Cloud Run to run my backend with Cloud Run Domain Mapping to map my .com domain to a Cloud Run instance.
We are thinking of using GKE to host our services. What are the steps required to publicly expose a DNS name with TLS security? Our Cloud Run service uses the token returned by gcloud auth print-identity-token when it is issued Json/HTTP requests to control access and we need a similar token with a similar aud field for uniformity.
Looking at the documentation, I am completely lost.
- Using Cloud DNS, I have created a zone, but I don't know what to do with it. It also references a Registrar "to make it accessible". No clue what I should do.
- My service in GKE has a load-balancer, how do I make the load-balancer be mapped to the DNS entry?
- Looks like one way to issue TLS certificates is GCP Certificate Manager. But, the documentation is sparse an incomplete.
Can you please provide an overview of the possible deployments and explain the steps, referencing documentation with step-by-step instructions?