---
title: Kubernetes Ingress 与 cert-manager 自动 TLS 配置
keywords:
- Ingress
- cert-manager
- TLS
- ClusterIssuer
- 自动化签发
description: 使用 cert-manager 配置自动签发 TLS 证书并为 Ingress 启用 HTTPS,提供可执行清单示例。
categories:
- 文章资讯
- 技术教程
---
Kubernetes Ingress 与 cert-manager 自动 TLS 配置
ClusterIssuer 示例
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt
spec:
acme:
server: https://acme-v02.api.letsencrypt.org/directory
email: [email protected]
privateKeySecretRef:
name: letsencrypt-key
solvers:
- http01:
ingress:
class: nginx
Ingress 配置
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: web
annotations:
cert-manager.io/cluster-issuer: letsencrypt
spec:
ingressClassName: nginx
tls:
- hosts: ["example.com"]
secretName: web-cert
rules:
- host: example.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: web
port:
number: 80
验证
- 查看证书 Secret 与 Ingress 状态,确认 HTTPS 可用
总结
结合 cert-manager 与 Ingress,可自动化管理证书并为服务开启安全的 HTTPS 访问。
发表评论 取消回复