Janrs.com | 杨建勇

  • 首页
  • 站点地图
  • 所有文章
  • 加入学习群
Janrs.com | 杨建勇
Go/Kubernetes/Istio/CloudNative
  1. 首页
  2. 代码手册
  3. 正文

istio网关配置ssl证书开启443端口访问

2023年3月2日 61点热度 0人点赞 0条评论

istio网关配置ssl证书开启443端口访问


生成ssl证书

以配置访问rancher为例子

export DOMAIN_NAME=janrs.com

openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -subj '/O=$DOMAIN_NAME Inc./CN=$DOMAIN_NAME' -keyout $DOMAIN_NAME.key -out $DOMAIN_NAME.crt

openssl req -out rancher.$DOMAIN_NAME.csr -newkey rsa:2048 -nodes -keyout rancher.$DOMAIN_NAME.key -subj "/CN=rancher.$DOMAIN_NAME/O=rancher world from $DOMAIN_NAME"
openssl x509 -req -days 365 -CA $DOMAIN_NAME.crt -CAkey $DOMAIN_NAME.key -set_serial 0 -in rancher.$DOMAIN_NAME.csr -out rancher.$DOMAIN_NAME.crt

kubectl create secret tls istio-ingressgateway-certs -n istio-system --key rancher.$DOMAIN_NAME.key --cert rancher.$DOMAIN_NAME.crt

创建istio网关

# gateway
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
  name: janrs
  namespace: cattle-system
spec:
  selector:
    istio: ingressgateway
  servers:
    - port:
        number: 443
        name: https
        protocol: HTTPS
      hosts:
        - "*"
      tls:
        mode: SIMPLE
        credentialName: janrs-credential
---
# virtual service
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: janrs
  namespace: cattle-system
spec:
  hosts:
    - "www.janrs.com"
  gateways:
    - janrs
  http:
    - match:
        - uri:
            prefix: /
      route:
        - destination:
            port:
              number: 80
            host: janrs
本作品采用 知识共享署名-非商业性使用 4.0 国际许可协议 进行许可
标签: Envoy gateway go golang istio k8s kubeadm rancher ssl
最后更新:2023年3月12日

码仔

Janrs.com

点赞
< 上一篇
下一篇 >

文章评论

razz evil exclaim smile redface biggrin eek confused idea lol mad twisted rolleyes wink cool arrow neutral cry mrgreen drooling persevering
取消回复
有关Go/istio/k8s/云原生直接搜
文章目录
  • istio网关配置ssl证书开启443端口访问
    • 生成ssl证书
    • 创建istio网关

COPYRIGHT © 2023 Janrs.com | 杨建勇. ALL RIGHTS RESERVED.

Theme Kratos Made By Seaton Jiang

闽ICP备20002184号