dos4dev/kube
1
0
Fork 0
forked from k-space/kube
Code Pull Requests Activity

Initial commit

Browse Source
This commit is contained in:
Lauri Võsandi
2022-08-16 12:40:54 +03:00
commit 7c5cad55e1
122 changed files with 51731 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
cert-manager/README.md Normal file
View File

@@ -0,0 +1,26 @@
# cert-manager
`cert-manager` is used to obtain TLS certificates from Let's Encrypt.
Added manifest with:
```
curl -L https://github.com/jetstack/cert-manager/releases/download/v1.6.1/cert-manager.yaml -O
```
To update certificate issuer
```
kubectl apply -f namespace.yml -f cert-manager.yaml
kubectl apply -f issuer.yml
kubectl -n cert-manager create secret generic tsig-secret \
--from-literal=TSIG_SECRET=<secret>
```
Workaround for webhook timeout issue https://github.com/jetstack/cert-manager/issues/2602
It's not very clear why this is happening, deserves further investigation - presumably Calico related somehow:
```
kubectl delete mutatingwebhookconfiguration.admissionregistration.k8s.io cert-manager-webhook
kubectl delete validatingwebhookconfigurations.admissionregistration.k8s.io cert-manager-webhook
```

16233
cert-manager/cert-manager.crds.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

17329
cert-manager/cert-manager.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

19
cert-manager/issuer.yml Normal file
View File

@@ -0,0 +1,19 @@
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: default
spec:
acme:
email: info@k-space.ee
server: https://acme-v02.api.letsencrypt.org/directory
privateKeySecretRef:
name: example-issuer-account-key
solvers:
- dns01:
rfc2136:
nameserver: 193.40.103.2
tsigKeyName: acme.
tsigAlgorithm: HMACSHA512
tsigSecretSecretRef:
name: tsig-secret
key: TSIG_SECRET