helpful-beard-54962
03/25/2023, 1:22 AMrefined-analyst-8898
03/25/2023, 1:30 AMhelpful-beard-54962
03/25/2023, 1:31 AMrefined-analyst-8898
03/25/2023, 1:35 AMspec.tls.*.hosts
on the Ingress resource? There's an opportunity for a mismatch there if it's not the same value of host
on the HTTP counterpart in spec.rules.*.host
.host
.helpful-beard-54962
03/25/2023, 1:37 AMrefined-analyst-8898
03/25/2023, 1:38 AMhelpful-beard-54962
03/25/2023, 1:39 AMrefined-analyst-8898
03/25/2023, 1:40 AMapiVersion: <http://networking.k8s.io/v1|networking.k8s.io/v1>
kind: Ingress
metadata:
annotations:
<http://cert-manager.io/issuer|cert-manager.io/issuer>: rancher
<http://cert-manager.io/issuer-kind|cert-manager.io/issuer-kind>: Issuer
<http://field.cattle.io/publicEndpoints|field.cattle.io/publicEndpoints>: '[{"addresses":["192.168.5.15"],"port":443,"protocol":"HTTPS","serviceName":"cattle-system:rancher","ingressName":"cattle-system:rancher","hostname":"<http://rancher.example.com|rancher.example.com>","allNodes":false}]'
<http://meta.helm.sh/release-name|meta.helm.sh/release-name>: rancher
<http://meta.helm.sh/release-namespace|meta.helm.sh/release-namespace>: cattle-system
<http://nginx.ingress.kubernetes.io/proxy-connect-timeout|nginx.ingress.kubernetes.io/proxy-connect-timeout>: "30"
<http://nginx.ingress.kubernetes.io/proxy-read-timeout|nginx.ingress.kubernetes.io/proxy-read-timeout>: "1800"
<http://nginx.ingress.kubernetes.io/proxy-send-timeout|nginx.ingress.kubernetes.io/proxy-send-timeout>: "1800"
creationTimestamp: "2023-03-23T00:13:53Z"
generation: 1
labels:
app: rancher
<http://app.kubernetes.io/managed-by|app.kubernetes.io/managed-by>: Helm
chart: rancher-2.7.1
heritage: Helm
release: rancher
name: rancher
namespace: cattle-system
resourceVersion: "2223"
uid: 1f78f424-c9a3-4bae-9379-75d193409d35
spec:
ingressClassName: traefik
rules:
- host: <http://rancher.example.com|rancher.example.com>
http:
paths:
- backend:
service:
name: rancher
port:
number: 80
pathType: ImplementationSpecific
tls:
- hosts:
- <http://rancher.example.com|rancher.example.com>
secretName: tls-rancher-ingress
status:
loadBalancer:
ingress:
- ip: 192.168.5.15
<http://rancher.example.com|rancher.example.com>
in spec.rules
and spec.tls
.helpful-beard-54962
03/25/2023, 1:43 AMtls:
- hosts:
- '*.<http://example.com|example.com>'
This is the only differencerefined-analyst-8898
03/25/2023, 1:44 AMhelpful-beard-54962
03/25/2023, 1:45 AMrefined-analyst-8898
03/25/2023, 1:48 AMhelpful-beard-54962
03/25/2023, 1:57 AMrefined-analyst-8898
03/25/2023, 2:00 AMhelpful-beard-54962
03/25/2023, 2:09 AM