If you’re running workloads on Kubernetes and need to expose services under your own domain name instead of the default cluster-generated URLs, it’s not immediately obvious how to set that up — especially on managed runtimes like SAP BTP Kyma.

The problem

By default, Kubernetes services are exposed through auto-generated hostnames that look something like my-service.my-namespace.svc.cluster.local. For internal communication that’s fine, but the moment you want external traffic hitting a nice URL like api.yourdomain.com, you need a few extra pieces in place.

What’s involved

At a high level, setting up a custom domain on Kubernetes requires:

  • A domain you own and access to its DNS records
  • An Ingress controller or API gateway — something that accepts external traffic and routes it to your services. In Kyma’s case, this is Istio’s ingress gateway
  • TLS certificates — you’ll want HTTPS, so you need a certificate for your domain. Tools like cert-manager can automate this with Let’s Encrypt
  • DNS configuration — a CNAME or A record pointing your domain to the ingress gateway’s external IP or load balancer
  • An API Rule or Ingress resource — the Kubernetes object that tells the gateway which domain maps to which service

Kyma specifics

SAP BTP Kyma Runtime uses Istio as its service mesh, which means custom domains are configured through Istio’s VirtualService and Gateway resources rather than the standard Kubernetes Ingress. The flow is roughly:

  1. Register your custom domain in the Kyma dashboard
  2. Create a Gateway resource that listens on your domain with TLS
  3. Create or update your APIRule to route traffic from the custom domain to your service
  4. Point your DNS to the Kyma cluster’s load balancer

There are some gotchas around certificate provisioning and DNS propagation, but once the pieces click together it works reliably.

Full walkthrough

I wrote a detailed step-by-step guide on the SAP Community blog covering the entire process with screenshots and code snippets:

SAP BTP Kyma Runtime: Use a Custom Domain on an API Rule through Istio

If you’re working with Kyma or any Istio-based Kubernetes setup and need custom domains, that post should get you up and running.