欢迎点击下方👇关注我,记得星标哟~
文末会有重磅福利赠送
https://dev.to/ileriayo/adding-free-ssltls-on-kubernetes-using-certmanager-and-letsencrypt-a1l
helm install cert-manager jetstack/cert-manager --namespace cert-manager --create-namespace --set installCRDs=trueubuntu@instance-k8s:~$ kubectl get pods --namespace cert-managerNAME READY STATUS RESTARTS AGEcert-manager-cainjector-7cc466564c-9f6fr 1/1 Running 0 3dcert-manager-webhook-555b8fbdbc-w59bs 1/1 Running 0 3dcert-manager-6585596d7f-4rlhb 1/1 Running 1 (1d ago) 3d
ubuntu-k8s:~/cert$ cat clusterissuer.yamlapiVersion: cert-manager.io/v1kind: ClusterIssuer # I'm using ClusterIssuer heremetadata:name: letsencrypt-prodspec:acme:server: https://acme-v02.api.letsencrypt.org/directoryemail: jonathan.comprivateKeySecretRef:name: letsencrypt-prodsolvers:- http01:ingress:class: public
kubectl apply -f clusterissuer.yamlapiVersion: networking.k8s.io/v1kind: Ingressmetadata:annotations:cert-manager.io/cluster-issuer: letsencrypt-prodname: http-ingressnamespace: defaultspec:ingressClassName: publicrules:- host: chatgpt.sredevops.tophttp:paths:- backend:service:name: chatport:number: 9000path: /pathType: Prefixtls:- hosts:- chatgpt.sredevops.topsecretName: letsencrypt-prod
ubuntu@instance-k8s:~/k8s-deploy-app$ k describe certificate letsencrypt-prodName: letsencrypt-prodNamespace: defaultAPI Version: cert-manager.io/v1Kind: CertificateSpec:Dns Names:chatgpt.sredevops.topIssuer Ref:Group: cert-manager.ioKind: ClusterIssuerName: letsencrypt-prodSecret Name: letsencrypt-prodUsages:digital signaturekey enciphermentStatus:Conditions:Last Transition Time: 2024-11-13T15:06:51ZMessage: Certificate is up to date and has not expiredObserved Generation: 1Reason: ReadyStatus: TrueType: ReadyNot After: 2025-02-11T14:08:17ZNot Before: 2024-11-13T14:08:18ZRenewal Time: 2025-01-12T14:08:17ZRevision: 1Events: <none>
更多云架构、K8S学习资料以及SRE学习手册,加入星球免费领取哦!
感兴趣的朋友们可以加我微信:sre_k8s,备注:云原生交流
