我正在努力把TLS / SSL放在kubernetes的wordpress站点前面。
我前面有一个Ingress。
没有任何TLSconfiguration,我可以访问该网站好吧。 当我添加TLSconfiguration时,我访问该网站超时。
Ingress.yaml:
apiVersion: extensions/v1beta1 kind: Ingress metadata: name: helloworld-rules spec: tls: - hosts: - mysite.com secretName: tls-secret rules: - host: mysite.com http: paths: - path: / backend: serviceName: mysite servicePort: 80 进入-controller.yaml:
apiVersion: v1 kind: Service metadata: name: nginx-ingress labels: app: nginx-ingress spec: type: LoadBalancer ports: - port: 80 targetPort: 80 selector: app: nginx-ingress --- apiVersion: extensions/v1beta1 kind: Deployment metadata: name: nginx-ingress spec: replicas: 1 template: metadata: labels: app: nginx-ingress spec: containers: - name: nginx-ingress image: gcr.io/google_containers/nginx-ingress-controller:0.9.0-beta.10 imagePullPolicy: Always readinessProbe: httpGet: path: /healthz port: 10254 scheme: HTTP livenessProbe: httpGet: path: /healthz port: 10254 scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 env: - name: POD_NAME valueFrom: fieldRef: fieldPath: metadata.name - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace ports: - containerPort: 80 hostPort: 80 args: - /nginx-ingress-controller - --default-backend-service=$(POD_NAMESPACE)/echoheaders-default - --configmap=$(POD_NAMESPACE)/nginx-load-balancer-conf
结果负载平衡器需要指定端口443
apiVersion: v1 kind: Service metadata: name: nginx-ingress labels: app: nginx-ingress spec: type: LoadBalancer ports: - name: http port: 80 targetPort: 80 - name: https port: 443 targetPort: 443 selector: app: nginx-ingress
这个线程也有助于完成设置。 https://github.com/kubernetes/ingress/issues/672