Skip to content

Instantly share code, notes, and snippets.

@Anishmourya

Anishmourya/README.md

Last active August 3, 2021 06:47
Show Gist options
  • Save Anishmourya/0a5c5087edb5f169ce4766319a873c82 to your computer and use it in GitHub Desktop.
Save Anishmourya/0a5c5087edb5f169ce4766319a873c82 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
README.md

  1. Install cert Manager :- kubectl apply -f https://github.com/jetstack/cert-manager/releases/latest/download/cert-manager.crds.yaml.

  2. create ClusterIssuer on same namespace where you want to deploy Host + Mapping for domains.

     ---
 apiVersion: cert-manager.io/v1alpha2
 kind: ClusterIssuer
 metadata:
   name: letsencrypt-prod
 spec:
   acme:
     email: [email protected]
     server: https://acme-v02.api.letsencrypt.org/directory
     privateKeySecretRef:
       name: letsencrypt-prod
     solvers:
     - http01:
         ingress:
           class: nginx
       selector: {}

  3. Apply for Certificate :-

             ---
         apiVersion: cert-manager.io/v1alpha2
         kind: Certificate
         metadata:
           name: gist.github.com
           namespace: development
         spec:
           secretName: gist.github.com
           issuerRef:
             name: letsencrypt-prod
             kind: ClusterIssuer
           dnsNames:
           - gist.github.com

  4. Create a Mapping for the /.well-known/acme-challenge/ route.

             ---
         apiVersion: getambassador.io/v2
         kind: Mapping
         metadata:
           name: acme-challenge-mapping
         spec:
           prefix: /.well-known/acme-challenge/
           rewrite: ""
           service: acme-challenge-service
         ---
         apiVersion: v1
         kind: Service
         metadata:
           name: acme-challenge-service
         spec:
           ports:
           - port: 80
             targetPort: 8089
           selector:
             acme.cert-manager.io/http01-solver: "true"

  5. Create Host and Mapping :-

             apiVersion: getambassador.io/v2
         kind: Host
         metadata:
           name: gist.github.com
           namespace: development
         spec:
           acmeProvider:
             authority: 'https://acme-v02.api.letsencrypt.org/directory'
             email: [email protected]
           ambassadorId:
             - default
           hostname: gist.github.com
           selector:
             matchLabels:
               hostname: gist.github.com
           tlsSecret:
             name: gist.github.com

         ---
         kind: Mapping
         metadata:
           name: gist.github.com-dev-mapping
           namespace: development
         spec:
           host: gist.github.com
           prefix: /
           service: 'gist-dev:5000'
           timeout_ms: 60000
         apiVersion: getambassador.io/v2
@Alby1010
Copy link

Alby1010 commented Aug 3, 2021

HI,
while referring this the final stage (kind: mapping) create host and mapping, how do you specif the service name as "gist-dev:5000" we didn't created any service on that name, so I got an error for this, how its working for you?
Thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment