Added documentation to use TLS with traefik
This commit is contained in:
parent
11dc61a39e
commit
b24baeb9e2
37
README.md
37
README.md
@ -152,6 +152,41 @@ _To turn off k3s upgrades, you can either set the `k3s_upgrade=true` label in th
|
|||||||
kubectl -n system-upgrade label node <node-name> k3s_upgrade-
|
kubectl -n system-upgrade label node <node-name> k3s_upgrade-
|
||||||
```
|
```
|
||||||
|
|
||||||
|
## Example Ingress with TLS
|
||||||
|
|
||||||
|
Here is an example of an ingress to run an application with TLS, change the host to fit your need in `examples/tls/ingress.yaml` and then deploy the example
|
||||||
|
```sh
|
||||||
|
kubectl apply -f examples/tls/.
|
||||||
|
```
|
||||||
|
```yml
|
||||||
|
apiVersion: networking.k8s.io/v1
|
||||||
|
kind: Ingress
|
||||||
|
metadata:
|
||||||
|
name: nginx-ingress
|
||||||
|
annotations:
|
||||||
|
traefik.ingress.kubernetes.io/router.tls: "true"
|
||||||
|
traefik.ingress.kubernetes.io/router.tls.certresolver: le
|
||||||
|
spec:
|
||||||
|
tls:
|
||||||
|
- hosts:
|
||||||
|
- example.com
|
||||||
|
secretName: example-tls
|
||||||
|
rules:
|
||||||
|
- host: example.com
|
||||||
|
http:
|
||||||
|
paths:
|
||||||
|
- path: /
|
||||||
|
pathType: Prefix
|
||||||
|
backend:
|
||||||
|
service:
|
||||||
|
name: nginx-service
|
||||||
|
port:
|
||||||
|
number: 80
|
||||||
|
|
||||||
|
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
## Takedown
|
## Takedown
|
||||||
|
|
||||||
If you want to takedown the cluster, you can proceed as follows:
|
If you want to takedown the cluster, you can proceed as follows:
|
||||||
@ -203,4 +238,4 @@ Any contributions you make are **greatly appreciated**.
|
|||||||
[issues-url]: https://github.com/mysticaltech/kube-hetzner/issues
|
[issues-url]: https://github.com/mysticaltech/kube-hetzner/issues
|
||||||
[license-shield]: https://img.shields.io/github/license/mysticaltech/kube-hetzner.svg?style=for-the-badge
|
[license-shield]: https://img.shields.io/github/license/mysticaltech/kube-hetzner.svg?style=for-the-badge
|
||||||
[license-url]: https://github.com/mysticaltech/kube-hetzner/blob/master/LICENSE.txt
|
[license-url]: https://github.com/mysticaltech/kube-hetzner/blob/master/LICENSE.txt
|
||||||
[product-screenshot]: .images/kubectl-pod-all-17022022.png
|
[product-screenshot]: .images/kubectl-pod-all-17022022.png
|
||||||
|
24
examples/tls/ingress.yaml
Normal file
24
examples/tls/ingress.yaml
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
apiVersion: networking.k8s.io/v1
|
||||||
|
kind: Ingress
|
||||||
|
metadata:
|
||||||
|
name: nginx-ingress
|
||||||
|
annotations:
|
||||||
|
traefik.ingress.kubernetes.io/router.tls: "true"
|
||||||
|
traefik.ingress.kubernetes.io/router.tls.certresolver: le
|
||||||
|
spec:
|
||||||
|
tls:
|
||||||
|
- hosts:
|
||||||
|
- example.com
|
||||||
|
secretName: example-tls
|
||||||
|
rules:
|
||||||
|
- host: example.com
|
||||||
|
http:
|
||||||
|
paths:
|
||||||
|
- path: /
|
||||||
|
pathType: Prefix
|
||||||
|
backend:
|
||||||
|
service:
|
||||||
|
name: nginx-service
|
||||||
|
port:
|
||||||
|
number: 80
|
||||||
|
|
13
examples/tls/pod.yaml
Normal file
13
examples/tls/pod.yaml
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: Pod
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
run: nginx
|
||||||
|
name: nginx
|
||||||
|
spec:
|
||||||
|
containers:
|
||||||
|
- image: nginx
|
||||||
|
name: nginx
|
||||||
|
ports:
|
||||||
|
- containerPort: 80
|
||||||
|
|
11
examples/tls/service.yaml
Normal file
11
examples/tls/service.yaml
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
name: nginx-service
|
||||||
|
spec:
|
||||||
|
ports:
|
||||||
|
- port: 80
|
||||||
|
protocol: TCP
|
||||||
|
targetPort: 80
|
||||||
|
selector:
|
||||||
|
run: nginx
|
Loading…
Reference in New Issue
Block a user