istio letsencrypt cluster issuer /.well-known/acme-challenge/ code example

Example: istio letsencrypt cluster issuer /.well-known/acme-challenge/

apiVersion: v1
kind: ConfigMap
metadata:
  name: nginx-config
data:
  nginx.conf: |
    server {
      listen 80 default_server;
      server_name _;
      return 301 https://$host$request_uri;
    }
---
apiVersion: v1
kind: Service
metadata:
  name: redirect
  labels:
    app: redirect
spec:
  ports:
  - port: 80
    name: http
  selector:
    app: redirect
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: redirect
spec:
  replicas: 1
  selector:
    matchLabels:
      app: redirect
  template:
    metadata:
      labels:
        app: redirect
    spec:
      containers:
      - name: redirect
        image: nginx:stable
        resources:
          requests:
            cpu: "100m"
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 80
        volumeMounts:
        - mountPath: /etc/nginx/conf.d
          name: config
      volumes:
      - name: config
        configMap:
          name: nginx-config
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: acme-solver
  namespace: istio-system
spec:
  hosts:
  - "*"
  gateways:
  - acme-gateway
  http:
  - name: "acmesolver"
    match:
    - uri:
        prefix: /.well-known/acme-challenge
    route:
    - destination:
        host: reviews.prod.svc.cluster.local
        port:
          number: 8089
  - name: "nginx"
    route:
    - destination:
        host: nginx