I would like to have TLS Certificate with my domain. Can you provide me with the settings for values.yaml to be changed to configure ingress with tls.crt and tls.key from a trusted CA using my domain abc.xyz.com and IP: 10.10.10.10?
Note: I updated the IPs and domain for security reasons.
I tried to update the ingress section in values.yaml:
ingress:
enabled: true
labels: {}
annotations:
kubernetes.io/ingress.class: nginx
cert-manager.io/cluster-issuer: "letsencrypt-prod"
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: "10.10.10.0/24"
ingressClassName: "nginx"
pathType: Prefix
activeService: true
hosts:
- host: abc.xyz.com
paths: []
extraPaths: []
tls:
- secretName: vault-tls
hosts:
- abc.xyz.com
loadBalancerIP: 10.10.10.10
hostAliases: []
route:
enabled: false
activeService: true
labels: {}
annotations: {}
host: chart-example.local
tls:
termination: passthrough
authDelegator:
enabled: true
extraInitContainers: null
extraContainers: null
shareProcessNamespace: false
extraArgs: ""
extraPorts: null
readinessProbe:
enabled: true
port: 8200
failureThreshold: 2
initialDelaySeconds: 5
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 3
livenessProbe:
enabled: false
execCommand: []
path: "/v1/sys/health?standbyok=true"
port: 8200
failureThreshold: 2
initialDelaySeconds: 60
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 3
When I run:
kubectl get ingress
NAME CLASS HOSTS ADDRESS PORTS AGE
vault nginx abc.xyz.com 5.5.99.30 80, 443 2m10s
I get a random IP Address. So, this cannot work (cannot validate the TLS Certificate) as my domain abc.xyz.com refers to IP: 10.10.10.10.