如何在使用 ingress-nginx 时在 Google Kubernetes Engine 上启用 SSL?
How To Enable SSL on Google Kubernetes Engine while using ingress-nginx?
我正在使用 GKE 和 ingress-nginx (https://kubernetes.github.io/ingress-nginx/)。我尝试了许多使用 cert-manager 的教程,但无法学习它。
如果您能够让 SSL 在 google kubernetes 引擎中与 ingress-nginx 一起工作,您能给我一个 yaml 文件作为示例吗?
您可以以此为起点并在此基础上进行扩展
apiVersion: apps/v1
kind: Deployment
metadata:
name: arecord-depl
spec:
replicas: 1
selector:
matchLabels:
app: arecord
template:
metadata:
labels:
app: arecord
spec:
containers:
- name: arecord
image: gcr.io/clear-shell-346807/arecord
ports:
- containerPort: 8080
env:
- name: PORT
value: "8080"
---
apiVersion: v1
kind: Service
metadata:
name: arecord-srv
spec:
selector:
app: arecord
ports:
- name: arecord
protocol: TCP
port: 8080
targetPort: 8080
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: echo-ingress
annotations:
kubernetes.io/ingress.class: "gce"
kubernetes.io/ingress.global-static-ip-name: ssl-ip
spec:
tls:
- hosts:
- vareniyam.me
secretName: echo-tls
rules:
- host: vareniyam.me
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: arecord-srv
port:
number:
8080
- 你说你正在使用 nginx ingress,但你的 ingress class 说的是 gce:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: echo-ingress
annotations:
kubernetes.io/ingress.class: "gce"
- 您没有指明要使用哪个
ClusterIssuer 或 Issuer。 cert-manager 只有在您告诉它您希望它创建证书后才会颁发证书
我不确定您尝试过哪些教程,但您是否尝试过查看此处的 cert-manager 文档:https://cert-manager.io/docs/
我正在使用 GKE 和 ingress-nginx (https://kubernetes.github.io/ingress-nginx/)。我尝试了许多使用 cert-manager 的教程,但无法学习它。 如果您能够让 SSL 在 google kubernetes 引擎中与 ingress-nginx 一起工作,您能给我一个 yaml 文件作为示例吗?
您可以以此为起点并在此基础上进行扩展
apiVersion: apps/v1
kind: Deployment
metadata:
name: arecord-depl
spec:
replicas: 1
selector:
matchLabels:
app: arecord
template:
metadata:
labels:
app: arecord
spec:
containers:
- name: arecord
image: gcr.io/clear-shell-346807/arecord
ports:
- containerPort: 8080
env:
- name: PORT
value: "8080"
---
apiVersion: v1
kind: Service
metadata:
name: arecord-srv
spec:
selector:
app: arecord
ports:
- name: arecord
protocol: TCP
port: 8080
targetPort: 8080
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: echo-ingress
annotations:
kubernetes.io/ingress.class: "gce"
kubernetes.io/ingress.global-static-ip-name: ssl-ip
spec:
tls:
- hosts:
- vareniyam.me
secretName: echo-tls
rules:
- host: vareniyam.me
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: arecord-srv
port:
number:
8080
- 你说你正在使用 nginx ingress,但你的 ingress class 说的是 gce:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: echo-ingress
annotations:
kubernetes.io/ingress.class: "gce"
- 您没有指明要使用哪个
ClusterIssuer或Issuer。 cert-manager 只有在您告诉它您希望它创建证书后才会颁发证书
我不确定您尝试过哪些教程,但您是否尝试过查看此处的 cert-manager 文档:https://cert-manager.io/docs/