2019-06-21 15:18:05 +00:00
|
|
|
apiVersion: v1
|
|
|
|
kind: Secret
|
|
|
|
metadata:
|
|
|
|
name: secretCA1
|
|
|
|
namespace: default
|
|
|
|
|
|
|
|
data:
|
|
|
|
tls.ca: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0=
|
|
|
|
|
|
|
|
---
|
|
|
|
apiVersion: v1
|
|
|
|
kind: Secret
|
|
|
|
metadata:
|
|
|
|
name: secretCA2
|
|
|
|
namespace: default
|
|
|
|
|
|
|
|
data:
|
|
|
|
tls.ca: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0=
|
|
|
|
|
|
|
|
---
|
|
|
|
apiVersion: traefik.containo.us/v1alpha1
|
|
|
|
kind: TLSOption
|
|
|
|
metadata:
|
|
|
|
name: foo
|
|
|
|
namespace: default
|
|
|
|
|
|
|
|
spec:
|
2019-07-12 15:50:04 +00:00
|
|
|
minVersion: VersionTLS12
|
|
|
|
sniStrict: true
|
|
|
|
cipherSuites:
|
2019-06-21 15:18:05 +00:00
|
|
|
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
|
|
|
|
- TLS_RSA_WITH_AES_256_GCM_SHA384
|
2019-07-12 15:50:04 +00:00
|
|
|
clientAuth:
|
|
|
|
secretNames:
|
2019-06-21 15:18:05 +00:00
|
|
|
- secretCA1
|
|
|
|
- secretCA2
|
2019-07-12 15:50:04 +00:00
|
|
|
clientAuthType: VerifyClientCertIfGiven
|
2019-06-21 15:18:05 +00:00
|
|
|
|
|
|
|
---
|
|
|
|
apiVersion: v1
|
|
|
|
kind: Secret
|
|
|
|
metadata:
|
|
|
|
name: supersecret
|
|
|
|
namespace: default
|
|
|
|
|
|
|
|
data:
|
|
|
|
tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0=
|
|
|
|
tls.key: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCi0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0=
|
|
|
|
|
|
|
|
---
|
|
|
|
apiVersion: traefik.containo.us/v1alpha1
|
|
|
|
kind: IngressRouteTCP
|
|
|
|
metadata:
|
2019-07-05 15:24:04 +00:00
|
|
|
name: test.route
|
2019-06-21 15:18:05 +00:00
|
|
|
namespace: default
|
|
|
|
|
|
|
|
spec:
|
|
|
|
entryPoints:
|
|
|
|
- foo
|
|
|
|
|
|
|
|
routes:
|
|
|
|
- match: HostSNI(`foo.com`)
|
|
|
|
services:
|
|
|
|
- name: whoamitcp
|
|
|
|
port: 8000
|
|
|
|
|
|
|
|
tls:
|
|
|
|
options:
|
|
|
|
name: foo
|