部署dashboard的内容就不写了,网上资料一堆一堆的,直接上干货
1. 创建secrets https证书文件
描述:这个*.key *.crt就是注册域名需要购买的证书。阿里云也可以申请免费证书,有效期印象中应该是一年。需要注意的是,需要将该secrets 创建到对应的namespace下。
kubectl create secret tls ingress-secret --key ./k8s-ingress-key --cert ./k8s-ingress.crt -n kubernetes-dashboard
2. ingress 支持https
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: k8s-offline-dashboard
namespace: kubernetes-dashboard
annotations:
kubernetes.io/ingress.class: ingress-nginx #指定ingress
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" #这个就是最关键的一行配置,配置后ingress就会支持默认只能是https的后端服务
spec:
tls:
- secretName: ingress-secret
rules:
- host: "k8s-offline-dashboard.yidian-inc.com"
http:
paths:
- path: /
backend:
serviceName: kubernetes-dashboard
servicePort: 443