k8s配置htps证书
2022-07-09 本文已影响0人
小明同学9527
写的比较简略主要用于个人记录
image.png
image.png
image.png
image.png
image.png
1-下载nginx证书
2-配置Service: 编辑 ClusterIP nginx
3-
apiVersion: v1
data:
tls.crt: xxx=证书-pem
tls.key: xxx==key
kind: Secret
metadata:
managedFields:
- apiVersion: v1
fieldsType: FieldsV1
fieldsV1:
f:data:
.: {}
f:tls.crt: {}
f:tls.key: {}
f:type: {}
manager: agent
operation: Update
name: nginx
namespace: default
type: kubernetes.io/tls
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations: {}
managedFields:
- apiVersion: networking.k8s.io/v1
fieldsType: FieldsV1
fieldsV1:
'f:spec':
'f:rules': {}
'f:tls': {}
manager: agent
operation: Update
- apiVersion: networking.k8s.io/v1beta1
fieldsType: FieldsV1
fieldsV1:
'f:status':
'f:loadBalancer':
'f:ingress': {}
manager: nginx-ingress-controller
operation: Update
- apiVersion: extensions/v1beta1
fieldsType: FieldsV1
fieldsV1:
'f:metadata':
'f:annotations':
.: {}
'f:field.cattle.io/publicEndpoints': {}
manager: rancher
operation: Update
name: ''
namespace: default
spec:
rules:
- host: xxxx.com
http:
paths:
- backend:
service:
name: nginx001
port:
number: 80
path: /
pathType: Prefix
tls:
- hosts:
-xxx.com
secretName: nginx
完成证书认证
配置nfs-存储
image.png
└──╼ #cat ngx001.yml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx001
namespace: default
spec:
replicas: 2
selector:
matchLabels:
workload.user.cattle.io/workloadselector: deployment-default-nginx001
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
creationTimestamp: null
labels:
run: nginx001
workload.user.cattle.io/workloadselector: deployment-default-nginx001
spec:
containers:
- image: nginx
imagePullPolicy: Never
name: nginx001
ports:
- containerPort: 78
protocol: TCP
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /usr/share/nginx/html
name: nfs001
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
terminationGracePeriodSeconds: 30
volumes:
- name: nfs001
nfs:
path: /nfsaa/nginx
server: 10.0.0.100
image.png
