How to replicate / reflect NGINX Ingress TLS Secrets in all namespaces (within the same cluster)?

Ana Louro 36 Reputation points
2022-10-14T11:53:23.063+00:00

I am setting up a new dev cluster with AKS. We have multiple namespaces in this cluster for multiple clients, that use the same TLS secret. However, in the previous cluster, I have had to set up the TLS secrets in each namespace.

I have found some articles which suggest that it is possible to replicate the TLS secrets from one ns to all the other namespaces within the same cluster.
In this specific article: https://boxboat.com/2018/07/02/kubernetes-nginx-ingress-tls-secrets-all-namespaces/, 2 pods are created to search for ns and to search from secrets and reflect the default one to the other ns.

I have managed to set up both pods, all seems to be running, but the secret is not reflected to the default ns as suggested in the article.

As suggested in the article, I have managed to set up in the nginx-ingress ns:
PODS:
pod/ingress-cert-reflector-66cfc47656-zwxzz 2/2 Running 116 (31m ago) 44h
DEPLOYMENT:
deployment.apps/ingress-cert-reflector 1/1 1 1 44h
SERVICE ACCOUNT:
ingress-cert-reflector 0 44h

When I run kubectl describe pod, the outcome looks satisfying:

Name: ingress-cert-reflector-66cfc47656-zwxzz
Namespace: nginx-ingress
Priority: 0
Node: aks-nodepool1-18131159-vmss000003/10.104.0.4
Start Time: Wed, 12 Oct 2022 16:34:31 +0100
Labels: app=ingress-cert-reflector
pod-template-hash=66cfc47656
Annotations:


2 answers

  1. srbhatta-MSFT 8,551 Reputation points Microsoft Employee
    2022-10-17T06:40:38.51+00:00

    Hello @Ana Louro ,
    Welcome to Microsoft QnA.
    This issue of referencing TLS secrets from different namespaces has been in discussion for a long time and many experts have contributed to an ongoing thread with their workarounds and fixes.
    I would recommend that you go through this thread first -> 2170.

    Do let me know if that helps? :)

    ----------

    Please accept as answer if the above information is helpful.


  2. Ana Louro 36 Reputation points
    2022-10-31T14:49:59.67+00:00

    Hi @srbhatta-MSFT ,

    Thank you for your answer, and sorry it has taken me so long to reply.

    Unfortunately I had already looked at your suggested link before and I tried it again but it did not work for me.

    However, the TLS Reflector app did work in the end, with a few tweaks.

    Have a great day,
    Ana

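The reflection step the question describes (copy one TLS secret into the other namespaces), as an added example that is not code from this thread or from the linked article's reflector. The secret name `ingress-tls`, the `client-*` namespaces, the annotation key and both function names are assumptions made for illustration; the manifest is a constructed sample.

```python
import copy

# Metadata the API server fills in; it must not be sent when creating the copy.
SERVER_FIELDS = {"uid", "resourceVersion", "creationTimestamp", "generation",
                 "managedFields", "ownerReferences", "selfLink"}
SYSTEM_NAMESPACES = {"kube-system", "kube-public", "kube-node-lease"}
SOURCE_ANNOTATION = "example.invalid/reflected-from"  # hypothetical marker key

# Constructed sample: name and data values are placeholders, not real key material.
SOURCE = {
    "apiVersion": "v1", "kind": "Secret", "type": "kubernetes.io/tls",
    "metadata": {"name": "ingress-tls", "namespace": "nginx-ingress",
                 "uid": "constructed-uid", "resourceVersion": "12345"},
    "data": {"tls.crt": "Q09OU1RSVUNURUQ=", "tls.key": "Q09OU1RSVUNURUQ="},
}

def reflect_tls_secret(source, namespaces, exclude=SYSTEM_NAMESPACES):
    """Build one Secret manifest per target namespace from a TLS source secret."""
    if source.get("kind") != "Secret" or source.get("type") != "kubernetes.io/tls":
        raise ValueError("source is not a kubernetes.io/tls Secret")
    missing = {"tls.crt", "tls.key"} - set(source.get("data", {}))
    if missing:
        raise ValueError(f"source secret lacks {sorted(missing)}")
    src_meta = source["metadata"]
    src_ns = src_meta["namespace"]
    copies = []
    for ns in sorted(set(namespaces)):
        if ns == src_ns or ns in exclude:
            continue  # never overwrite the source or push keys into system namespaces
        secret = copy.deepcopy(source)
        meta = {k: v for k, v in secret["metadata"].items() if k not in SERVER_FIELDS}
        meta["namespace"] = ns
        annotations = dict(meta.get("annotations", {}))
        annotations.pop("kubectl.kubernetes.io/last-applied-configuration", None)
        annotations[SOURCE_ANNOTATION] = f"{src_ns}/{src_meta['name']}"
        meta["annotations"] = annotations
        secret["metadata"] = meta
        copies.append(secret)
    return copies

def needs_update(existing, desired):
    """True when the namespace has no copy yet or its copy drifted from the source."""
    return (existing is None or existing.get("type") != desired["type"]
            or existing.get("data") != desired["data"])
```

Each manifest returned places the private key in one more namespace, so anyone allowed to `get` secrets there can read it; keeping the target list explicit limits that exposure.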