下載git專案
git clone https://github.com/stnet253/K8s-Traefik-v2-cert-manager.git
安裝 traefik v2
helm repo add traefik https://containous.github.io/traefik-helm-chart helm repo add traefik https://helm.traefik.io/traefik helm repo update
安裝 cert-manager
# Install the CustomResourceDefinition resources separately
kubectl apply --validate=false -f https://raw.githubusercontent.com/jetstack/cert-manager/release-0.11/deploy/manifests/00-crds.yaml
# Create the namespace for cert-manager
kubectl create namespace cert-manager
# Add the Jetstack Helm repository
helm repo add jetstack https://charts.jetstack.io
# Update your local Helm chart repository cache
helm repo update
# Install the cert-manager Helm chart
helm install \ cert-manager jetstack/cert-manager \ --namespace cert-manager \ --version v0.14.2
# check
kubectl get pods --namespace cert-manager
#設定Issuer or ClusterIssuer
kubectl apply -f /Letsencrypt/cluster-issuer.yaml
#helm佈署traefik
cd /helm kubectl create namespace traefik cd /traefik helm install --namespace traefik traefik traefik/traefik --values traefik/traefik-chart-values.yaml kubectl apply -f traefik-config.yaml
#產生dashboard密碼
htpasswd -nb user password | openssl base64
#設定dashboard密碼
cd /helm/traefik/dashboard vi middleware.yaml
編輯yaml加入密碼
vi middleware.yaml
另外兩個檔案記得修改域名(解析要先設定好)
kubectl apply -f certificate.yaml kubectl apply -f ingressroute.yaml
開啟dashboard
https://traefik.itnotetk.com
#Letsencrypt whomai example
cd /Letsencrypt/whomai kubectl apply -f deployment.yml kubectl apply -f service.yml kubectl apply -f ingressroute.yaml kubectl apply -f certificate.yaml
開啟網址驗證
#Letsencrypt web example
cd /Letsencrypt/tony kubectl apply -f certificate.yaml kubectl apply -f ingressroute.yaml
tls憑證從k9s secret看
參考資料