ingress配置证书
### 先将阿里申请的证书 生成密钥
kubectl --kubeconfig=/root/lcnc-ack-prod create secret tls bmw.ulises.com-ingress-secret --cert=8579111_bmw.ulises.cn.pem --key=8579111_bmw.ulises.cn.key
### 服务创建
kubectl --kubeconfig=/root/lcnc-ack-prod get secret bmw.ulises.com-ingress-secret -o yaml > bmw.ulises.com-ingress-secret.yaml
[root@LC-NC-Marketplace-POC ingress-test]# cat test-deployment-service.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: test-web1
labels:
app: test-web1
spec:
replicas: 1
selector:
matchLabels:
app: test-web1
template:
metadata:
labels:
app: test-web1
spec:
containers:
- name: test-web1
imagePullPolicy: IfNotPresent
image: registry.cn-hangzhou.aliyuncs.com/yilong/ingress-test:web1
ports:
- containerPort: 8080
---
apiVersion: v1
kind: Service
metadata:
name: web1-service
spec:
type: ClusterIP
selector:
app: test-web1
ports:
- port: 8080
targetPort: 8080
### 修改ingress配置
[root@LC-NC-Marketplace-POC ingress-test]# cat test-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: test-ingress
namespace: default
spec:
tls:
- hosts:
- bmw.ulises.cn
secretName: bmw.ulises.com-ingress-secret
rules:
- host: bmw.ulises.cn
http:
paths:
- path: /foo
backend:
service:
name: web1-service
port:
number: 8080
pathType: ImplementationSpecific
- path: /bar
backend:
service:
name: web1-service
port:
number: 8080
pathType: ImplementationSpecific
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
上次更新: 2023/05/17, 17:35:01
|