baalajimaestro/traefik
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

doc: Improve TLSStore CRD documentation

Browse source
This commit is contained in:
mloiseleur 2022-12-15 14:32:06 +01:00 committed by GitHub
parent 74ef79ea23
commit e7baf44a2e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
docs/content/routing/providers/kubernetes-crd.md
View file

@ -1609,14 +1609,14 @@ or referencing TLS options in the [`IngressRoute`](#kind-ingressroute) / [`Ingre
`TLSStore` is the CRD implementation of a [Traefik "TLS Store"](../../https/tls.md#certificates-stores).
Register the `TLSStore` kind in the Kubernetes cluster before creating `TLSStore` objects
or referencing TLS stores in the [`IngressRoute`](#kind-ingressroute) / [`IngressRouteTCP`](#kind-ingressroutetcp) objects.
Register the `TLSStore` kind in the Kubernetes cluster before creating `TLSStore` objects.
!!! important "Default TLS Store"
Traefik currently only uses the [TLS Store named "default"](../../https/tls.md#certificates-stores).
This _default_ `TLSStore` should be in a namespace discoverable by Traefik. Since it is used by default on [`IngressRoute`](#kind-ingressroute) and [`IngressRouteTCP`](#kind-ingressroutetcp) objects, there never is a need to actually reference it.
This means that you cannot have two stores that are named default in different Kubernetes namespaces.
For the time being, please only configure one TLSStore named default.
As a consequence, with respect to TLS stores, the only change that makes sense (and only if needed) is to configure the default TLSStore.
!!! info "TLSStore Attributes"
```yaml tab="TLSStore"
@ -1624,7 +1624,7 @@ or referencing TLS stores in the [`IngressRoute`](#kind-ingressroute) / [`Ingres
kind: TLSStore
metadata:
name: default
namespace: default
spec:
certificates: # [1]
- secretName: foo
@ -1645,8 +1645,7 @@ or referencing TLS stores in the [`IngressRoute`](#kind-ingressroute) / [`Ingres
kind: TLSStore
metadata:
name: default
namespace: default
spec:
defaultCertificate:
secretName: supersecret
@ -1660,16 +1659,14 @@ or referencing TLS stores in the [`IngressRoute`](#kind-ingressroute) / [`Ingres
spec:
entryPoints:
- web
- websecure
routes:
- match: Host(`example.com`) && PathPrefix(`/stripit`)
kind: Rule
services:
- name: whoami
port: 80
tls:
store:
name: default
tls: {}
```
```yaml tab="Secret"