k8s 集群域名https实现
1:创建证书
openssl req -x509 -nodes -days 36500 -newkey rsa:2048 -keyout tls.key -out tls.crt
2:创建密钥
kubectl create secret tls ibp-mobile-tls --cert=tls.crt --key=tls.key -n ecagi-ibp
3:创建ingress
kubectl apply -f ibp-mobile1.yaml
[root@xxinspur https]# cat ibp-mobile1.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
field.cattle.io/publicEndpoints: >-
[{"addresses":["10.66.160.27"],"port":443,"protocol":"HTTPS","serviceName":"ecagi-ibp:ibp-mobile","ingressName":"ecagi-ibp:ibp-mobile","hostname":"dmx.xx.ha.yc","path":"/ibp-mobile","allNodes":false},{"addresses":["10.66.160.27"],"port":443,"protocol":"HTTPS","serviceName":"ecagi-ibp:ibp-mobile","ingressName":"ecagi-ibp:ibp-mobile","hostname":"toomany.site","path":"/ibp-mobile","allNodes":false}]
meta.helm.sh/release-name: ibp-mobile
meta.helm.sh/release-namespace: ecagi-ibp
creationTimestamp: '2025-06-12T08:50:04Z'
generation: 4
managedFields:
- apiVersion: networking.k8s.io/v1
fieldsType: FieldsV1
fieldsV1:
f:status:
f:loadBalancer:
f:ingress: {}
manager: traefik
operation: Update
subresource: status
time: '2025-06-12T08:50:04Z'
- apiVersion: networking.k8s.io/v1
fieldsType: FieldsV1
fieldsV1:
f:metadata:
f:annotations:
.: {}
f:meta.helm.sh/release-name: {}
f:meta.helm.sh/release-namespace: {}
f:labels:
.: {}
f:app.kubernetes.io/managed-by: {}
manager: manager
operation: Update
time: '2025-06-25T08:39:33Z'
- apiVersion: networking.k8s.io/v1
fieldsType: FieldsV1
fieldsV1:
f:metadata:
f:annotations:
f:field.cattle.io/publicEndpoints: {}
f:spec:
f:rules: {}
manager: agent
operation: Update
time: '2025-06-26T09:03:12Z'
name: ibp-mobile1
namespace: ecagi-ibp
resourceVersion: '2876590'
uid: b2b4e0b5-3ba1-43d9-8be4-75c92c3f07ef
spec:
ingressClassName: traefik
rules:
- host: toomany.site
http:
paths:
- backend:
service:
name: ibp-mobile
port:
number: 80
path: /ibp-mobile
pathType: Prefix
tls:
- hosts:
- toomany.site
secretName: ibp-mobile-tls # 需要一个包含 TLS 证书和私钥的 Secret
status:
loadBalancer:
ingress:
- ip: 10.66.160.27
浙公网安备 33010602011771号