Zenn
🐥

Nginx Ingress Controllerにオレオレ証明書をセットする

2022/10/05に公開
Kubernetes
tech

証明書作成

openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout rsa.key -out rsa.crt -subj "/CN=openproject.vampire.com/O=system"

Secretリソース作成

kubectl create secret tls mytls --key rsa.key --cert rsa.crt

マニフェストファイルに書き足す

spec.tlsの部分を追加

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: proxy-ingress
spec:
  tls:
  - hosts:
    - openproject.vampire.com
    secretName: mytls
  ingressClassName: nginx
  rules:
    - host: openproject.vampire.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: proxy
                port:
                  number: 80

参考

https://kubernetes.github.io/ingress-nginx/user-guide/tls/
https://hawksnowlog.blogspot.com/2021/03/enable-tls-with-ingress.html

Discussion