Loading... # 安装helm traefik repo ``` helm repo add traefik https://helm.traefik.io/traefik ``` # 编辑values.yaml文件 可以到`https://raw.githubusercontent.com/traefik/traefik-helm-chart/master/traefik/values.yaml`下载默认的values.yaml 修改` additionalArguments` ``` additionalArguments: - "--certificatesresolvers.letsencrypt.acme.email=<your-email-here>" - "--certificatesresolvers.letsencrypt.acme.storage=/data/acme.json" - "--certificatesresolvers.letsencrypt.acme.caserver=https://acme-v02.api.letsencrypt.org/directory" - "--certificatesResolvers.letsencrypt.acme.dnschallenge=true" - "--certificatesResolvers.letsencrypt.acme.dnschallenge.provider=cloudflare" ``` 注释掉 ``` #securityContext: # capabilities: # drop: [ALL] # readOnlyRootFilesystem: true # runAsGroup: 65532 # runAsNonRoot: true # runAsUser: 65532 #podSecurityContext: #fsGroup: 65532 ``` 这一步是防止acme.json权限不正确 复制cloudflare global account key.在**My Profile -> API Tokens -> Global API Key -> View** 将使用key将其存储在集群中。使用 kubectl,执行: ``` kubectl create secret generic cloudflare-credentials --from-literal=globalApiKey=<YOUR API KEY> ``` 在values.yaml编辑env ``` env: - name: CF_API_EMAIL value: <YOUR_CLOUDFLARE_EMAIL@DOMAIN.com> - name: CF_API_KEY valueFrom: secretKeyRef: name: cloudflare-credentials key: globalApiKey ``` 打开traefik 的Dashboard,打开ssl  把expose 设置为`true` 修改tls里`certResolver: letsencrypt` `enabled: true` # 安装Traefik ``` helm install traefik traefik/traefik -f values.yaml ``` # 使用helm安装wordpress测试HTTPS ``` helm repo add bitnami https://charts.bitnami.com/bitnami ``` 下载wordpress的values.yaml https://raw.githubusercontent.com/bitnami/charts/master/bitnami/wordpress/values.yaml 修改values.yaml  修改`enabled: true` 修改 `hostname: <你的域名>` 安装wordpress ``` helm install wordpress bitnami/wordpress -f values.yaml ``` # 验证  traefik面板看到配置成功 访问域名也可看到证书  最后修改:2022 年 04 月 18 日 © 允许规范转载 打赏 赞赏作者 支付宝微信 赞 0 如果觉得我的文章对你有用,请随意赞赏