1.生成证书文件
openssl req -x509 -nodes -days 2920 -newkey rsa:2048 -keyout tls.key -out tls.crt -subj "/CN=*.jdd966.cn/O=nginxsvc"
2.导入证书文件到k8s secret 指定命名空间
kubectl create secret tls https-secret --key tls.key --cert tls.crt -n jdd-k8s
3.实例
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: monitor
namespace: jdd-k8s
spec:
ingressClassName: nginx-ingress-congtoller
rules:
- host: test.jdd966.cn
http:
paths:
- backend:
service:
name: jdd-monitor
port:
number: 8085
path: /
pathType: Prefix
tls:
- hosts:
- test.jdd966.cn
secretName: https-secret