I have a gRPC server written in golang and containerized with Docker. I would like to deploy this application to Kubernetes with TLS (Let’s Encrypt).
What is the best way to secure the application? I’ve read that Kubernetes can use a Let’s Encrypt ingress controller to handle TLS and secure the cluster. However, my gRPC web server can also load certificates to enable TLS. This is less convenient, though, because I have to restart the container when certificates renew, bind them to a volume, etc.
Is there anything wrong with leaving the container insecure (serving HTTP) and having the Kubernetes cluster proxy take care of securing the connection?