我正在尝试在Kubernetes的https上部署网站,在Ingress上使用TLS证书。这是我的配置
我跟着这个图特:
https://docs.bitnami.com/kubernetes/how-to/secure-kubernetes-services-with-ingress-tls-letsencrypt/
apiVersion: v1
kind: Service
metadata:
name: moodle
labels:
app: moodle
spec:
ports:
- name: http
protocol: TCP
port: 80
targetPort: 80
- name: https
protocol: TCP
port: 443
targetPort: 443
selector:
app: moodle
tier: frontend
type: ClusterIP
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: moodle-pv-claim
labels:
app: moodle
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 20Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: moodle
labels:
app: moodle
spec:
selector:
matchLabels:
app: moodle
tier: frontend
strategy:
type: Recreate
template:
metadata:
labels:
app: moodle
tier: frontend
spec:
containers:
- image: jhardison/moodle
name: moodle
env:
- name: DB_PORT_3306_TCP_ADDR
value: mysql
- name: DB_ENV_MYSQL_PASSWORD
value: pass
- name: DB_ENV_MYSQL_USER
value: root
- name: DB_ENV_MYSQL_DATABASE
value: moodle
- name: DB_ENV_MYSQL_PASSWORD
value: pass
- name: MOODLE_URL
value: https://manvar.tk
ports:
- containerPort: 80
name: http
- containerPort: 443
name: https
volumeMounts:
- name: moodle-persistent-storage
mountPath: /var/moodledata
volumes:
- name: moodle-persistent-storage
persistentVolumeClaim:
claimName: moodle-pv-claim
此配置在HTTP上工作正常,站点在HTTP上运行。
我想用https入口在https上运行它
我的入口是
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: moodle
annotations:
kubernetes.io/ingress.class: nginx
kubernetes.io/tls-acme: 'true'
spec:
tls:
- hosts:
- manvar.tk
secretName: custom-tls-cert
rules:
- host: manvar.tk
http:
paths:
- path: /
backend:
serviceName: moodle
servicePort: 80
我已经装上了TLS证书并将其添加到机密中,并将其用于入口。但我还是有错误
