Create the sertificate and a secret
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout secret.key -out secret.crt -subj "/CN=foobar.com"
kubectl create secret tls tls-secret --key=secret.key --cert=secret.crt
apiVersion: apps/v1beta2 | |
kind: Deployment | |
metadata: | |
name: nginx-deployment | |
labels: | |
app: nginx | |
spec: | |
replicas: 3 | |
selector: | |
matchLabels: | |
app: nginx | |
template: | |
metadata: | |
labels: | |
app: nginx | |
spec: | |
containers: | |
- name: nginx | |
image: nginx:1.7.9 | |
ports: | |
- containerPort: 80 | |
--- | |
apiVersion: apps/v1beta2 | |
kind: Deployment | |
metadata: | |
name: httpd-deployment | |
labels: | |
app: httpd | |
spec: | |
replicas: 3 | |
selector: | |
matchLabels: | |
app: httpd | |
template: | |
metadata: | |
labels: | |
app: httpd | |
spec: | |
containers: | |
- name: httpd | |
image: httpd | |
ports: | |
- containerPort: 80 | |
--- | |
kind: Service | |
apiVersion: v1 | |
metadata: | |
name: nginx-service | |
spec: | |
type: NodePort | |
selector: | |
app: nginx | |
ports: | |
- protocol: TCP | |
port: 80 | |
protocol: TCP | |
name: http | |
--- | |
kind: Service | |
apiVersion: v1 | |
metadata: | |
name: httpd-service | |
spec: | |
type: NodePort | |
selector: | |
app: httpd | |
ports: | |
- protocol: TCP | |
port: 80 | |
protocol: TCP | |
name: http | |
--- | |
apiVersion: extensions/v1beta1 | |
kind: Ingress | |
metadata: | |
name: fanout-ingress-gce | |
spec: | |
tls: | |
- secretName: tls-secret | |
rules: | |
- http: | |
paths: | |
- path: / | |
backend: | |
serviceName: nginx-service | |
servicePort: 80 | |
- path: /echo | |
backend: | |
serviceName: httpd-service | |
servicePort: 80 |