How do I deploy an SSL certificate for a related component in K8S? For example, minio.
caesar168 opened this issue · 5 comments
What would you like to share?
How do I deploy an SSL certificate for a related component in K8S? For example, minio.
Additional information
No response
After reading the article you provided at https://github.com/openimsdk/helm-charts/tree/main/infra/minio, I would suggest searching for tls.enabled on the page to determine if setting it to false can resolve the authentication issue with Minio in the container. Thank you for bringing this to my attention and I hope this solution proves helpful.
@caesar168 You can configure this field in the following file: https://github.com/openimsdk/helm-charts/blob/main/infra/minio-config.yaml. Thank you for considering this option.
apiIngress:
enabled: true
ingressClassName: "nginx"
hostname: openim.server.com # your hostname
annotations:
nginx.ingress.kubernetes.io/proxy-body-size: 50m
nginx.ingress.kubernetes.io/use-regex: "true"
nginx.ingress.kubernetes.io/rewrite-target: /$2
path: /im-minio-api(/|$)(.*)
pathType: ImplementationSpecific
servicePort: minio-api
extraTls:
- hosts:
- openim.server.com
secretName: webapitls #your hostname tls
We did not use the minio deployment solution provided by the project team, our minio system is deployed in the underlying storage facilities outside the K8S system, so it is invalid to modify the SSL in the project team. In the actual application system, no user will deploy the minio storage in the nfs-client storage class, but directly deploy it on the physical host.
Understood. I will work on upgrading the storage and hopefully, you will be pleasantly surprised in the next iteration.