forked from k-space/kube
		
	Initial commit
This commit is contained in:
		
							
								
								
									
										26
									
								
								cert-manager/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										26
									
								
								cert-manager/README.md
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,26 @@ | ||||
| # cert-manager | ||||
|  | ||||
| `cert-manager` is used to obtain TLS certificates from Let's Encrypt. | ||||
|  | ||||
| Added manifest with: | ||||
|  | ||||
| ``` | ||||
| curl -L https://github.com/jetstack/cert-manager/releases/download/v1.6.1/cert-manager.yaml -O | ||||
| ``` | ||||
|  | ||||
| To update certificate issuer | ||||
|  | ||||
| ``` | ||||
| kubectl apply -f namespace.yml -f cert-manager.yaml | ||||
| kubectl apply -f issuer.yml | ||||
|  kubectl -n cert-manager create secret generic tsig-secret \ | ||||
|     --from-literal=TSIG_SECRET=<secret> | ||||
| ``` | ||||
|  | ||||
| Workaround for webhook timeout issue https://github.com/jetstack/cert-manager/issues/2602 | ||||
| It's not very clear why this is happening, deserves further investigation - presumably Calico related somehow: | ||||
|  | ||||
| ``` | ||||
| kubectl delete mutatingwebhookconfiguration.admissionregistration.k8s.io cert-manager-webhook | ||||
| kubectl delete validatingwebhookconfigurations.admissionregistration.k8s.io cert-manager-webhook | ||||
| ``` | ||||
							
								
								
									
										16233
									
								
								cert-manager/cert-manager.crds.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										16233
									
								
								cert-manager/cert-manager.crds.yaml
									
									
									
									
									
										Normal file
									
								
							
										
											
												File diff suppressed because it is too large
												Load Diff
											
										
									
								
							
							
								
								
									
										17329
									
								
								cert-manager/cert-manager.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										17329
									
								
								cert-manager/cert-manager.yaml
									
									
									
									
									
										Normal file
									
								
							
										
											
												File diff suppressed because it is too large
												Load Diff
											
										
									
								
							
							
								
								
									
										19
									
								
								cert-manager/issuer.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										19
									
								
								cert-manager/issuer.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,19 @@ | ||||
| apiVersion: cert-manager.io/v1 | ||||
| kind: ClusterIssuer | ||||
| metadata: | ||||
|   name: default | ||||
| spec: | ||||
|   acme: | ||||
|     email: info@k-space.ee | ||||
|     server: https://acme-v02.api.letsencrypt.org/directory | ||||
|     privateKeySecretRef: | ||||
|       name: example-issuer-account-key | ||||
|     solvers: | ||||
|     - dns01: | ||||
|         rfc2136: | ||||
|           nameserver: 193.40.103.2 | ||||
|           tsigKeyName: acme. | ||||
|           tsigAlgorithm: HMACSHA512 | ||||
|           tsigSecretSecretRef: | ||||
|             name: tsig-secret | ||||
|             key: TSIG_SECRET | ||||
		Reference in New Issue
	
	Block a user