CertManager - Kulichanin/speedtest GitHub Wiki
Install CertManager
Install
Create ClusterIssuer for tsl
helm repo add jetstack https://charts.jetstack.io --force-update
helm install \
cert-manager jetstack/cert-manager \
--namespace cert-manager \
--create-namespace \
--version v1.17.0 \
--set crds.enabled=true
Create ingress role wirh tls cert
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt
spec:
acme:
email: [email protected]
privateKeySecretRef:
name: letsencrypt-private-key
server: https://acme-v02.api.letsencrypt.org/directory
solvers:
- http01:
ingress:
class: nginx
Create ingress role with tls
Example with kibana
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nginx-ingress
namespace: logging
annotations:
cert-manager.io/cluster-issuer: "letsencrypt"
spec:
ingressClassName: nginx
rules:
- host: kibana.rbr-kubernetes.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: kibana-kibana
port:
number: 5601
tls:
- hosts:
- kibana.rbr-kubernetes.com
secretName: kibana-tls
Debuging
Get ingo about cert
kubectl get certificate
kubectl describe certificate kibana-tls