Release Notes and Announcements

Release Notes

Announcements

Release Notes

Product Introduction

Overview

Strengths

Architecture

Scenarios

Features

Concepts

Native Kubernetes Terms

Common High-Risk Operations

Regions and Availability Zones

Service Regions and Service Providers

Open Source Components

Purchase Guide

Purchase Instructions

Purchase a TKE General Cluster

Purchasing Native Nodes

Purchasing a Super Node

Getting Started

Beginner’s Guide

Quickly Creating a Standard Cluster

Examples

Container Application Deployment Check List

Cluster Configuration

General Cluster Overview

Cluster Management

Network Management

Storage Management

Node Management

GPU Resource Management

Remote Terminals

Application Configuration

Workload Management

Service and Configuration Management

Component and Application Management

Auto Scaling

Container Login Methods

Observability Configuration

Ops Observability

Cost Insights and Optimization

Scheduler Configuration

Scheduling Component Overview

Resource Utilization Optimization Scheduling

Business Priority Assurance Scheduling

QoS Awareness Scheduling

Security and Stability

TKE Security Group Settings

Identity Authentication and Authorization

Application Security

Multi-cluster Management

Planned Upgrade

Backup Center

Cloud Native Service Guide

Cloud Service for etcd

TMP

TKE Serverless Cluster Guide

TKE Registered Cluster Guide

Use Cases

Cluster

Serverless Cluster

Scheduling

Security

Service Deployment

Network

Release

Logs

Monitoring

OPS

Terraform

DevOps

Auto Scaling

Containerization

Microservice

Cost Management

Hybrid Cloud

Troubleshooting

Disk Full

High Workload

Memory Fragmentation

Cluster DNS Troubleshooting

Cluster kube-proxy Troubleshooting

Cluster API Server Inaccessibility Troubleshooting

Service and Ingress Inaccessibility Troubleshooting

Common Service & Ingress Errors and Solutions

Engel Ingres appears in Connechtin Reverside

CLB Ingress Creation Error

Troubleshooting for Pod Network Inaccessibility

Pod Status Exception and Handling

Authorizing Tencent Cloud OPS Team for Troubleshooting

CLB Loopback

API Documentation

History

Introduction

API Category

Making API Requests

Elastic Cluster APIs

Resource Reserved Coupon APIs

Cluster APIs

Third-party Node APIs

Relevant APIs for Addon

Network APIs

Node APIs

Node Pool APIs

TKE Edge Cluster APIs

Cloud Native Monitoring APIs

Scaling group APIs

Super Node APIs

Other APIs

Data Types

Error Codes

TKE API 2022-05-01

FAQs

TKE General Cluster

TKE Serverless Cluster

About OPS

Hidden Danger Handling

About Services

Image Repositories

About Remote Terminals

Event FAQs

Resource Management

Service Agreement

TKE Service Level Agreement

TKE Serverless Service Level Agreement

Glossary

Renewing a TKE Ingress Certificate

PDF

Mode fokus

Ukuran font

Terakhir diperbarui: 2024-12-13 21:12:47

Overview
Ingress certificates created in the Tencent Kubernetes Engine (TKE) console will reference certificates hosted in the SSL Certificate Service. If an Ingress is used for a long time, the Ingress certificate may expire, which will have a major impact on online businesses. This document describes how to renew an Ingress certificate before it expires. 
Directions
Querying the certificate expiration time
1. Log in to the SSL Certificate Service console and click Certificate Management in the left sidebar. 
2. In the certificate list, click Expiry date to view certificates that are about to expire.
Adding a certificate
On the Certificate management page, you can renew an existing certificate to generate a new certificate. You can Purchase certificate, Apply for free certificate, or Upload certificate to add a certificate. 
Viewing Ingresses referencing old certificate
1. Log in to the SSL Certificate Service console and select Associate cloud resources next to a certificate to view the load balancer that references this certificate.
2. Click the load balancer ID to redirect to the CLB details page. If the CLB is used for the TKE Ingress, tke-clusterId and tke-lb-ingress-uuid will appear in the Tag section. tke-clusterId and tke-lb-ingress-uuid indicate the cluster ID and Ingress UID, respectively.
3. On the Basic info page of the CLB, click the editing icon in the tag line to enter the Edit tags page.
4. Use Kubectl to query the Ingress of the cluster based on the cluster ID and filter out the Ingress resource whose UID is tke-lb-ingress.uuid. The sample reference code is as follows:
$ kubectl get ingress --all-namespaces -o=custom-columns=NAMESPACE:.metadata.namespace,INGRESS:.metadata.name,UID:.metadata.uid | grep 1a******-****-****-a329-eec697a28b35
api-prod    gateway      1a******-****-****-a329-eec697a28b35
According to the query result, api-prod/gateway in this cluster references the certificate. Therefore, this Ingress needs to be updated.
Updating an Ingress
1. In the TKE console, find the Ingress that references the old certificate and click Update forwarding configuration.
﻿
2. On the Update forwarding configuration page, create a secret for the new certificate.
﻿

 On the Create key page, select the new certificate and click Create secret.
﻿

Return to the Update forwarding configuration page, modify the TLS configuration of the Ingress, and add the created certificate secret.
﻿

Click Update forwarding configuration to renew the Ingress certificate.

Bantuan dan Dukungan

Apakah halaman ini membantu?

Anda juga dapat Menghubungi Penjualan atau Mengirimkan Tiket untuk meminta bantuan.

masukan

tencent cloud

Tencent Kubernetes Engine

Renewing a TKE Ingress Certificate

Overview

Directions

Querying the certificate expiration time

Adding a certificate

Viewing Ingresses referencing old certificate

Updating an Ingress

Bantuan dan Dukungan