doc: Improve TLSStore CRD documentation
This commit is contained in:
parent
74ef79ea23
commit
e7baf44a2e
1 changed files with 7 additions and 10 deletions
|
@ -1609,14 +1609,14 @@ or referencing TLS options in the [`IngressRoute`](#kind-ingressroute) / [`Ingre
|
||||||
|
|
||||||
`TLSStore` is the CRD implementation of a [Traefik "TLS Store"](../../https/tls.md#certificates-stores).
|
`TLSStore` is the CRD implementation of a [Traefik "TLS Store"](../../https/tls.md#certificates-stores).
|
||||||
|
|
||||||
Register the `TLSStore` kind in the Kubernetes cluster before creating `TLSStore` objects
|
Register the `TLSStore` kind in the Kubernetes cluster before creating `TLSStore` objects.
|
||||||
or referencing TLS stores in the [`IngressRoute`](#kind-ingressroute) / [`IngressRouteTCP`](#kind-ingressroutetcp) objects.
|
|
||||||
|
|
||||||
!!! important "Default TLS Store"
|
!!! important "Default TLS Store"
|
||||||
|
|
||||||
Traefik currently only uses the [TLS Store named "default"](../../https/tls.md#certificates-stores).
|
Traefik currently only uses the [TLS Store named "default"](../../https/tls.md#certificates-stores).
|
||||||
|
This _default_ `TLSStore` should be in a namespace discoverable by Traefik. Since it is used by default on [`IngressRoute`](#kind-ingressroute) and [`IngressRouteTCP`](#kind-ingressroutetcp) objects, there never is a need to actually reference it.
|
||||||
This means that you cannot have two stores that are named default in different Kubernetes namespaces.
|
This means that you cannot have two stores that are named default in different Kubernetes namespaces.
|
||||||
For the time being, please only configure one TLSStore named default.
|
As a consequence, with respect to TLS stores, the only change that makes sense (and only if needed) is to configure the default TLSStore.
|
||||||
|
|
||||||
!!! info "TLSStore Attributes"
|
!!! info "TLSStore Attributes"
|
||||||
```yaml tab="TLSStore"
|
```yaml tab="TLSStore"
|
||||||
|
@ -1624,7 +1624,7 @@ or referencing TLS stores in the [`IngressRoute`](#kind-ingressroute) / [`Ingres
|
||||||
kind: TLSStore
|
kind: TLSStore
|
||||||
metadata:
|
metadata:
|
||||||
name: default
|
name: default
|
||||||
namespace: default
|
|
||||||
spec:
|
spec:
|
||||||
certificates: # [1]
|
certificates: # [1]
|
||||||
- secretName: foo
|
- secretName: foo
|
||||||
|
@ -1645,7 +1645,6 @@ or referencing TLS stores in the [`IngressRoute`](#kind-ingressroute) / [`Ingres
|
||||||
kind: TLSStore
|
kind: TLSStore
|
||||||
metadata:
|
metadata:
|
||||||
name: default
|
name: default
|
||||||
namespace: default
|
|
||||||
|
|
||||||
spec:
|
spec:
|
||||||
defaultCertificate:
|
defaultCertificate:
|
||||||
|
@ -1660,16 +1659,14 @@ or referencing TLS stores in the [`IngressRoute`](#kind-ingressroute) / [`Ingres
|
||||||
|
|
||||||
spec:
|
spec:
|
||||||
entryPoints:
|
entryPoints:
|
||||||
- web
|
- websecure
|
||||||
routes:
|
routes:
|
||||||
- match: Host(`example.com`) && PathPrefix(`/stripit`)
|
- match: Host(`example.com`) && PathPrefix(`/stripit`)
|
||||||
kind: Rule
|
kind: Rule
|
||||||
services:
|
services:
|
||||||
- name: whoami
|
- name: whoami
|
||||||
port: 80
|
port: 80
|
||||||
tls:
|
tls: {}
|
||||||
store:
|
|
||||||
name: default
|
|
||||||
```
|
```
|
||||||
|
|
||||||
```yaml tab="Secret"
|
```yaml tab="Secret"
|
||||||
|
|
Loading…
Reference in a new issue