DigitalOcean Kubernetes + Waypoint?

Hello! I’m currently using Dokku, a self hosted alternative to Heroku, but I’m very interested in switching to Waypoint + Kubernetes if the processes is as simple. I need the following features

  1. Be able to deploy to Digital Ocean kubernetes (which I think is possible)
  2. Get deployment URLs (which is also possible)
  3. Hook up a custom domain for the production release (I couldn’t find this anywhere in the docs)
  4. LetsEncrypt the custom domain

Is this possible? I’m mostly using Node.js, if anyone has any points or even a HCL file I can use, that would be great as well.

Thank you!

I wrote a quick article on medium with my notes on how to use waypoint+kubernetes+digitalocean+helm+traefik+let’s encrypt

1 Like

For pushing to private container registries, you should be able to configure the authentication “out of band” from Waypoint. For example if your waypoint.hcl has a build stanza with a registry section like this pointing to a private registry:

        registry {
          use "docker" {
            image = ""
            tag   = "latest"

As long as your docker cli has the ability to push to the private registry because you’ve previously done something like:
echo $MY_SECRET | docker login -u USERNAME --password-stdin
where $MYSECRET is an env var with your secret and USERNAME is replaced with your actual registry username, then Waypoint should not need to know your private registry credentials to push an image.

For docker, kubernetes or nomad deployments that would pull the app image from the private registry, you may use different approaches. For Kubernetes, you can see how to authenticate to private container registries with a kubernetes secret, and say you named the secret example-registry-secret. Then you can reference the secret in Waypoint with something like:

  deploy {
    use "kubernetes" {

Thank you so much that fixed my issue with private docker on kubernetes. I spent half of my afternoon trying to solve it.

I’m glad it helped! I sent a PR to add some docs for private registry situations.

Ah I see, so we still have to configure a load balancer for production traffic? I was under the impression that it would be a part of waypoint? And also when setting up waypoint, it looks like it already creates a load balancer. There is no way to use that?

I’m a beginner with waypoint and kubernetes but what I noticed is when I install traefik it creates a new load balancer even though waypoint created one already. So the one created by waypoint is not used by traefik so I just removed it from my waypoint.hcl. I don’t know if there is a way to tell traefik to use the load balancer created by waypoint.

I have edited my article on medium posted previously. I’m now using Helm, Traefik and let’s encrypt.