Kubernetes 使用 Cert Manager 自动签发 HTTPS 证书 【4】
安装了cert manager 和设置了issuer, 接下来就是设定SSL证书和部署应用。
1. 创建certificate
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: test-selfsigned-cert-tls
namespace: test
spec:
dnsNames:
- test.pangzai.win
secretName: test-selfsigned-cert-tls
issuerRef:
name: letsencrypt-dns012. 创建 deployment , 我使用的是私有的阿里云container registry
apiVersion: apps/v1
kind: Deployment
metadata:
name: test-deployment
namespace: test
spec:
replicas: 2
selector:
matchLabels:
app: test_app
template:
metadata:
labels:
app: test_app
spec:
containers:
- name: test-container
image: registry-intl-vpc.ap-southeast-1.aliyuncs.com/pangzai/test
imagePullPolicy: Always
ports:
- containerPort: 80
name: port80
imagePullSecrets:
- name: alicloudprivatekey3. 创建Service
apiVersion: v1
kind: Service
metadata:
name: test-service
namespace: test
spec:
selector:
app: test_app
ports:
- name: "8080"
protocol: TCP
port: 80
targetPort: 80
clusterIP: None4. 创建Ingress , 必须在cert-manager.io/issuer 加入的你namespace
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: test-ingress
namespace: test
annotations:
kubernetes.io/ingress.class: "nginx"
cert-manager.io/issuer: "test/letsencrypt-dns01"
nginx.ingress.kubernetes.io/ssl-redirect: "true"
spec:
tls:
- hosts:
- test.pangzai.com
secretName: test-selfsigned-cert-tls
rules:
- host: test.pangzai.com
http:
paths:
- backend:
serviceName: test-service
servicePort: 80【快链接】
Kubernetes 使用 Cert Manager 自动签发 HTTPS 证书 【1】
Kubernetes 使用 Cert Manager 自动签发 HTTPS 证书 【2】
Kubernetes 使用 Cert Manager 自动签发 HTTPS 证书 【3】
Kubernetes 使用 Cert Manager 自动签发 HTTPS 证书 【4】
Facebook评论