已经有一段时间了,我无法让它工作。基本上我在 AWS EKS 上有一个 K8s 集群,ExternalDNS 已设置并正常工作,现在我尝试使用 cert-manager 添加 TLS/SSL 证书。
这些是我的配置:
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-cluster-issuer
spec:
acme:
server: https://acme-staging-v02.api.letsencrypt.org/directory
email: my-email
privateKeySecretRef:
name: letsencrypt-cluster-issuer-key
solvers:
- selector:
dnsZones:
- "example.it"
- "*.example.it"
dns01:
route53:
region: eu-central-1
hostedZoneID: HOSTEDZONEID
accessKeyID: ACCESSKEYID
secretAccessKeySecretRef:
name: route53-secret
key: secretkey
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: le-crt
spec:
secretName: tls-secret
issuerRef:
kind: ClusterIssuer
name: letsencrypt-cluster-issuer
commonName: "*.example.it"
dnsNames:
- "*.example.it"
外部DNS:
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: external-dns
labels:
app.kubernetes.io/name: …