📗
smiley book
  • Smiley Books
  • AI
    • Readme
    • openai-whisper
      • 샘플 실행해보기
      • GPU 서버 준비하기
      • API로 whisper를 외부에 오픈하기
      • 프롬프트 지원
      • 실시간 message chat
      • 화면 이쁘게 만들기와 로그인
      • 파이썬 가상환경
      • 실시간 voice chat
      • fine tunning(미세 조정) 으로 성능 올리기
      • app에서 api를 호출하여 실시간으로 텍스트로 바꿔보기
    • ollama - llm을 쉽게 내컴에서 실행
      • ollama webui
      • ollama docker
    • stable diffusion
      • SDXL - text to image
      • SD-webui
    • ChatGPT
      • 답변이 끊길때
      • 역할을 정하자
      • 구체적인 질문
      • 결과형태를 지정
      • 프롬프트를 여러줄로 사용하자.
      • 마틴 파울러 글 번역본
    • Prompt Engineering
    • Auto-GPT
    • Gemini
      • google ai studio
      • gemini-api
      • embedding guide
    • Huggingface
      • huggingface 사용법
      • huggingface nlp 공부중
    • kaggle
      • download dataset
    • langchain
      • langchain을 공부하며 정리
      • basic
      • slackbot
      • rag
      • document-loader
      • website-loader
      • confluence
      • memory
      • function-call
      • langsmith
      • agent-toolkit
  • Ansible
    • templates vs files and jinja2
    • dynamic inventory
    • limit 옵션 강제하기
    • limit 사용후 gather_fact 문제
  • AWS
    • AWS CLI
    • EKS
      • cluster manage
      • ALB Controller
      • external-dns
      • fargate
    • ECR
    • S3
    • Certificate Manager
  • Azure
    • Azure AD OAuth Client Flow
  • Container
    • Registry
    • 빌드시에 env값 설정하기
  • DB
    • PXC
      • Operator
      • PMM
      • 삭제
      • GTID
      • Cross Site Replication
    • Mssql
    • Mysql
  • dotnet
    • Thread Pool
    • Connection Pool
    • Thread Pool2
  • Devops
    • Recommendation
  • GIT
    • Basic
    • Submodule
  • GitHub
    • Repository
    • GitHub Action
    • GitHub PR
    • Self Hosted Runner
    • GitHub Webhook
  • GitLab
    • CI/CD
    • CI/CD Advance
    • Ssl renew
    • CI/CD Pass env to other job
  • Go Lang
    • 개발 환경 구축
    • multi os binary build
    • kubectl같은 cli만들기
    • azure ad cli
    • embed static file
    • go study
      • pointer
      • module and package
      • string
      • struct
      • goroutine
  • Kubernetes
    • Kubernetes는 무엇인가
    • Tools
    • Install with kubespray
    • Kubernetes hardening guidance
    • 11 ways not to get hacked
    • ArgoCD
      • Install
      • CLI
      • Repository
      • Apps
      • AWS ALB 사용
      • Notification slack
      • Backup / DR
      • Ingress
      • 2021-11-16 Github error
      • Server Config
      • auth0 인증 추가(oauth,OIDC)
    • Extension
      • Longhorn pvc
      • External dns
      • Ingress nginx
      • Cert Manager
      • Kube prometheus
    • Helm
      • Subchart
      • Tip
    • Loki
    • Persistent Volume
    • TIP
      • Job
      • Pod
      • Log
  • KAFKA
    • raft
  • KVM
    • kvm cpu model
  • Linux
    • DNS Bind9
      • Cert-Manager
      • Certbot
      • Dynamic Update
      • Log
    • Export and variable
    • Grep 사용법
  • Modeling
    • C4 model introduce
    • Mermaid
    • reference
  • Monitoring
    • Readme
    • 0. What is Monitoring
    • 1. install prometheus and grafana
    • 2. grafana provisioning
    • 3. grafana dashboard
    • 4. grafana portable dashboard
    • 5. prometheus ui
    • 6. prometheus oauth2
    • Prometheus
      • Metric type
      • basic
      • rate vs irate
      • k8s-prometheus
    • Grafana
      • Expolorer
    • Node Exporter
      • advance
      • textfile collector
  • Motivation
    • 3 Simple Rule
  • OPENNEBULA
    • Install(ansible)
    • Install
    • Tip
    • Windows vm
  • Reading
    • comfort zone
    • 배려
    • elon musk 6 rule for insane productivity
    • Feynman Technique
    • how to interview - elon musk
    • 경청
    • Readme
  • Redis
    • Install
    • Master-slave Architecture
    • Sentinel
    • Redis Cluster
    • Client programming c#
  • SEO
    • Readme
  • Security
    • criminalip.io
      • criminalip.io
  • Stock
    • robinhood-python
  • Terraform
    • moved block
    • output
  • vault
    • Readme
  • VS Code
    • dev container
    • dev container on remote server
  • Old fashione trend
    • curity
    • MAAS
      • Install maas
      • Manage maas
      • Tip
Powered by GitBook
On this page

Was this helpful?

  1. Kubernetes
  2. Extension

Cert Manager

PreviousIngress nginxNextKube prometheus

Last updated 1 year ago

Was this helpful?

ssl을 생성해주는 툴

ClusterIssuer : 클러스터 전체에서 한개의 issuer를 사용가능하게

Issuer : namespace마다 하나의 issuer를 생성해서 사용하게

예전에는 certificate를 따로 만들고 이 이름을 ingress에 넣어주어서 생성을 햇으나 anotation이 생겼다.

  • cert-manager.io/issuer: the name of an Issuer to acquire the certificate required for this Ingress. The Issuer must be in the same namespace as the Ingress resource.

  • cert-manager.io/cluster-issuer: the name of a ClusterIssuer to acquire the certificate required for this Ingress. It does not matter which namespace your Ingress resides, as ClusterIssuers are non-namespaced resources.

이걸 사용하면 하나로 처리가 가능하다.

---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: test-ingress
  annotations:
    kubernetes.io/ingress.class: nginx
    certmanager.k8s.io/cluster-issuer: "dns-issuer-aws-live"
spec:
  tls:
    - hosts:
        - test.your-domain.com
      secretName: test-tls
  rules:
    - host: test.your-domain.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: ngnix-service
                port:
                  number: 80
Securing Ingress Resourcescert-manager
Logo