Ingress HTTPS代理tomcat站点

准备证书

# openssl genrsa -out tls.key 2048
# openssl req -new -x509 -key tls.key -out tls.crt -subj /C=CN/ST=Beijing/L=Beijing/O=DevOps/CN=tomcat.yzy.com

生成secret，在K8S上操作

# kubectl create secret tls tomcat-ingress-secret --cert=tls.crt --key=tls.key

# kubectl get secret
NAME                    TYPE                                  DATA   AGE
default-token-2qf72     kubernetes.io/service-account-token   3      23d
tomcat-ingress-secret   kubernetes.io/tls                     2      3m57s
# kubectl describe secret tomcat-ingress-secret
Name:         tomcat-ingress-secret
Namespace:    default
Labels:       <none>
Annotations:  <none>

Type:  kubernetes.io/tls

Data
====
tls.crt:  1285 bytes
tls.key:  1675 bytes

# kubectl apply -f ingress-tomcat-tls.yaml
# cat ingress-tomcat-tls.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: ingress-tomcat-tls
  namespace: default
  annotations:
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
spec:
  ingressClassName: "nginx"
  tls:
  - hosts:
    - tomcat.yzy.com
    secretName: tomcat-ingress-secret
  rules:
  - host: tomcat.yzy.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: tomcat
            port:
              number: 8080

posted @ 2023-07-25 18:22 Maniana 阅读(15) 评论(0) 编辑收藏举报

刷新页面返回顶部

Maniana

Ingress HTTPS代理tomcat站点

公告