kubectl apply -f https://raw.githubusercontent.com/jetstack/cert-manager/release-0.11/deploy/manifests/00-crds.yaml
kubectl lab el namespace cert-manager certmanager.k8s.io/disable-validation=true
helm repo add jetstack https://charts.jetstack.io
helm repo update
kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v0.11.0/cert-manager.yaml
kubectl apply -f issuer.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod #需要使用这个标记,letsencrypt-prod是上面issuer的名称
name: nginx
namespace: default
spec:
rules:
- host: dev.arfront.cn
http:
paths:
- backend:
serviceName: nginx
servicePort: 80
pathType: ImplementationSpecific
tls:
- hosts:
- dev.arfront.cn
secretName: dev.arfront.cn #证书的域名