File tree Expand file tree Collapse file tree 5 files changed +70
-33
lines changed Expand file tree Collapse file tree 5 files changed +70
-33
lines changed Original file line number Diff line number Diff line change @@ -17,7 +17,13 @@ kubectl get svc -n ingress-nginx
1717# cert-manager を cert-manager 名前空間にデプロイ
1818# https://cert-manager.io/docs/installation/kubectl/
1919# Install all cert-manager components:
20- kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.18.2/cert-manager.yaml
20+ # kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.18.2/cert-manager.yaml
21+ helm install \
22+ cert-manager jetstack/cert-manager \
23+ --namespace cert-manager \
24+ --create-namespace \
25+ --version v1.18.2 \
26+ --set crds.enabled=true
2127
2228# ClusterIssuerの作成
2329# https://cert-manager.io/docs/configuration/acme/
@@ -33,7 +39,7 @@ kubectl get ingress nginx-ingress -w
3339# 証明書の状態を確認
3440kubectl get certificaterequest -A
3541kubectl get certificate -A
36- kubectl describe certificate your-domain -com-tls
42+ kubectl describe certificate ks6088ts -com-tls
3743```
3844
3945### [ ks6088ts-labs/template-fastapi] ( https://github.com/ks6088ts-labs/template-fastapi ) をデプロイして公開する
Original file line number Diff line number Diff line change 1+ apiVersion : cert-manager.io/v1
2+
3+ kind : Certificate
4+ metadata :
5+ name : ks6088ts-com-tls
6+ spec :
7+ secretName : ks6088ts-com-tls
8+ issuerRef :
9+ name : letsencrypt-prod
10+ kind : ClusterIssuer
11+ commonName : ks6088ts.com
12+ dnsNames :
13+ - ks6088ts.com
14+ - www.ks6088ts.com
15+ privateKey :
16+ rotationPolicy : Always
Original file line number Diff line number Diff line change @@ -4,11 +4,11 @@ metadata:
44 name : letsencrypt-prod
55spec :
66 acme :
7- email : [email protected] # あなたのメールアドレス 8- server : https://acme-v02.api.letsencrypt.org/directory # 本番環境
7+ server : https://acme-v02.api.letsencrypt.org/directory
8+ 99 privateKeySecretRef :
10- name : letsencrypt-prod-private-key
10+ name : letsencrypt-prod
1111 solvers :
12- - http01 :
13- ingress :
14- class : nginx
12+ - http01 :
13+ ingress :
14+ class : nginx
Original file line number Diff line number Diff line change 3030 port : 80 # Serviceのポート
3131 targetPort : 80 # Podのポート
3232 type : ClusterIP # Ingress Controllerがサービスにアクセスするため、ClusterIPで十分
33-
Original file line number Diff line number Diff line change @@ -3,29 +3,45 @@ kind: Ingress
33metadata :
44 name : nginx-ingress
55 annotations :
6- kubernetes.io/ingress.class : nginx
7- cert-manager.io/cluster-issuer : letsencrypt-prod
6+ nginx.ingress.kubernetes.io/use-regex : ' true'
7+ cert-manager.io/cluster-issuer : ' letsencrypt-prod'
8+ nginx.ingress.kubernetes.io/ssl-redirect : ' true'
89spec :
10+ ingressClassName : nginx
11+ tls :
12+ - hosts :
13+ - ks6088ts.com
14+ - www.ks6088ts.com
15+ - api.ks6088ts.com
16+ secretName : ks6088ts-com-tls
917 rules :
10- - host : www.ks6088ts.com
11- http :
12- paths :
13- # - path: /
14- # pathType: Prefix
15- # backend:
16- # service:
17- # name: nginx-service # ステップ2で作成したService名
18- # port:
19- # number: 80 # Serviceのポート
20- - path : /
21- pathType : Prefix
22- backend :
23- service :
24- name : template-fastapi-service
25- port :
26- number : 80 # Serviceのポート
27- tls : # HTTPSを有効にするための設定
28- - hosts :
29- - www.ks6088ts.com # あなたの独自ドメイン
30- secretName : your-domain-com-tls # Cert-Managerが証明書を保存するKubernetes Secretの名前 (任意)
31-
18+ - host : ks6088ts.com
19+ http :
20+ paths :
21+ - path : /
22+ pathType : Prefix
23+ backend :
24+ service :
25+ name : nginx-service
26+ port :
27+ number : 80
28+ - host : www.ks6088ts.com
29+ http :
30+ paths :
31+ - path : /
32+ pathType : Prefix
33+ backend :
34+ service :
35+ name : nginx-service
36+ port :
37+ number : 80
38+ - host : api.ks6088ts.com
39+ http :
40+ paths :
41+ - path : /
42+ pathType : Prefix
43+ backend :
44+ service :
45+ name : template-fastapi-service
46+ port :
47+ number : 80
You can’t perform that action at this time.
0 commit comments