1

我安装了大使边缘堆栈 1.4.2 社区版并添加了主机文件,如下所示。

---
apiVersion: getambassador.io/v2
kind: Host
metadata:
  name: ambassador-host
spec:
  hostname: quote.svc.ambassador.dev.platformer.com
  acmeProvider:
    email: nilesh93.j@gmail.com

这陷入了下一个阶段

NAME              HOSTNAME                                  STATE   PHASE COMPLETED      PHASE PENDING              AGE
ambassador-host   quote.svc.ambassador.dev.platformer.com   Error   ACMEUserRegistered   ACMECertificateChallenge   48s

这是我选择运行示例报价服务的映射文件。

apiVersion: getambassador.io/v2
kind: Mapping
metadata:
  name: quote
  namespace: ambassador
spec:
  prefix: /quote
  service: http://quote.ambassador.svc
  host: quote.svc.ambassador.dev.platformer.com
---
apiVersion: getambassador.io/v2
kind: Mapping
metadata:
  name:  acme-challenge-mapping
  namespace: ambassador
spec:
  rewrite: ""
  prefix: /.well-known/acme-challenge
  service: http://quote.ambassador.svc
  host: quote.svc.ambassador.dev.platformer.com

关于如何解决这个问题的任何想法?

4

1 回答 1

0

我和大使有同样的问题。我已经通过这个命令在 kubernetes 上安装了 cert-manager。

kubectl apply --validate=false -f https://github.com/jetstack/cert-manager/releases/download/v0.15.1/cert-manager.yaml

检查此https://www.getambassador.io/docs/latest/howtos/cert-manager/以获取信息。您需要为主机创建 ClusterIssuer 和证书。

注意:-“Cert-manager 将自动创建和更新 TLS 证书并将其存储在 Kubernetes 机密中,以便在集群中轻松使用。Ambassador 将自动监视机密更改并在更新时重新加载证书。”

---
apiVersion: getambassador.io/v2
kind: Mapping
metadata:
  name: acme-challenge-mapping
spec:
  prefix: /.well-known/acme-challenge/
  rewrite: ""
  service: acme-challenge-service
---
apiVersion: v1
kind: Service
metadata:
  name: acme-challenge-service
spec:
  ports:
  - port: 80
    targetPort: 8089
  selector:
    acme.cert-manager.io/http01-solver: "true"
于 2020-06-23T15:52:36.830 回答