Helm Ingress 中的 Traefik LetsEncrypt 证书
Traefik LetsEncrypt certificate in Helm Ingress
在通过 Helm 为图表配置入口时,我缺少某种形式的 configuration/knowledge。
我想为具有以下值的现有图表启用 TLS:
ingress:
enabled: false
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
path: /
hosts:
- chart-example.local
tls: []
# - secretName: chart-example-tls
# hosts:
# - chart-example.local
根据我在 Traefik 文档上阅读的内容,您不能在 k8s 秘密中使用 LetsEncrypt 证书:
Only TLS certificates provided by users can be stored in Kubernetes Secrets. Let's Encrypt certificates cannot be managed in Kubernets Secrets yet.
我在这里有什么选择,我是覆盖入口并可能与未来的 helm 升级混淆,还是注释?如果是的话,一个例子会很棒。
Only TLS certificates provided by users can be stored in Kubernetes
Secrets. Let's Encrypt certificates cannot be managed in Kubernets
Secrets yet.
这里讨论过几次,在堆栈上。或许对你有帮助。
最推荐的解决方案是使用 cert-manager 而不是 LetsEncrypt。
1. Traefik Ingress (Kubernetes) not receiving letsencrypt certificates
2. Let's Encrypt on Traefik with Helm
这里还有 How to easily(ish!) get SSL/TLS configured for your web hosting needs using Traefik and cert-manager on Kubernetes 篇文章,详细介绍了所有内容。
在通过 Helm 为图表配置入口时,我缺少某种形式的 configuration/knowledge。
我想为具有以下值的现有图表启用 TLS:
ingress:
enabled: false
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
path: /
hosts:
- chart-example.local
tls: []
# - secretName: chart-example-tls
# hosts:
# - chart-example.local
根据我在 Traefik 文档上阅读的内容,您不能在 k8s 秘密中使用 LetsEncrypt 证书:
Only TLS certificates provided by users can be stored in Kubernetes Secrets. Let's Encrypt certificates cannot be managed in Kubernets Secrets yet.
我在这里有什么选择,我是覆盖入口并可能与未来的 helm 升级混淆,还是注释?如果是的话,一个例子会很棒。
Only TLS certificates provided by users can be stored in Kubernetes Secrets. Let's Encrypt certificates cannot be managed in Kubernets Secrets yet.
这里讨论过几次,在堆栈上。或许对你有帮助。
最推荐的解决方案是使用 cert-manager 而不是 LetsEncrypt。
1. Traefik Ingress (Kubernetes) not receiving letsencrypt certificates
2. Let's Encrypt on Traefik with Helm
这里还有 How to easily(ish!) get SSL/TLS configured for your web hosting needs using Traefik and cert-manager on Kubernetes 篇文章,详细介绍了所有内容。