openssl req \
-new \
-newkey rsa:4096 \
-days 365 \
-nodes \
-x509 \
-subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=example.com" \
-keyout example.com.key \
-out example.com.cert
- Create k8 certificate using above cert
kubectl create secret tls example-cert \
--key="example.com.key" \
--cert="example.com.cert"
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.class: "haproxy"
haproxy.org/rewrite-target: "/"
name: prometheus-ingress
spec:
rules:
- host: prometheus.example.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: prometheus-service
port:
number: 9090
tls:
- secretName: example-cert
hosts:
- prometheus.example.com