3. 준비
▪ 쿠버네티스 설치와 클러스터 구성
▪ helm3 설치
▪ cert-manager 설치와 사용방법 이해
▪ https://youtu.be/jkAlpv4WAUg 참고
▪ 외부 도메인/네임서버
▪ 실습에서는 네임서버를 cloudflare사용
▪ 동적 프로비저닝 활성화
4. 설치 - cert manager 설정
▪ namespace 생성
apiVersion: v1
kind: Secret
metadata:
name: cloudflare-api-token-secret
namespace: nexus
type: Opaque
stringData:
api-token: <your-token>
▪ cert-manager 네임서버 access-token 생성
kubectl create ns nexus
kubectl apply -f token.yaml
5. 설치 - cert manager 설정
▪ cert-manager issuer생성
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: nexus-prodissuser
namespace: nexus
spec:
acme:
# The ACME server URL
server: https://acme-v02.api.letsencrypt.org/directory
# Email address used for ACME registration
email: <your email>
# Name of a secret used to store the ACME account private key
privateKeySecretRef:
name: nexus-prodissuser
# Enable the challenge provider
solvers:
- dns01:
cloudflare:
email: <your email>
apiTokenSecretRef:
name: cloudflare-api-token-secret #cloudflare api token
key: api-token
kubectl apply -f issuer.yaml