cd ~/ingress # 生成私钥 tls.key, 密钥位数是 2048 openssl genrsa -out tls.key 2048 # 使用 tls.key 生成自签证书 openssl req -new -x509 -key tls.key -out tls.crt -subj /C=CN/ST=GuangDong/L=Guangzhou/O=DevOps/CN=tomcat.klvchen.com kubectl create secret tls tomcat-ingress-secret --cert=tls.crt --key=tls.key kubectl get secret kubectl describe secret tomcat-ingress-secret vi ingress-tomcat-tls.yaml # 内容为 apiVersion: extensions/v1beta1 kind: Ingress metadata: name: ingress-tomcat-tls namespace: default annotations: kubernetes.io/ingress.class: "nginx" spec: tls: - hosts: - tomcat.klvchen.com secretName: tomcat-ingress-secret rules: - host: tomcat.klvchen.com http: paths: - path: backend: serviceName: tomcat servicePort: 8080 kubectl apply -f ingress-tomcat-tls.yaml kubectl get ingress kubectl describe ingress ingress-tomcat-tls # 浏览器访问 https://tomcat.klvchen.com:30443/