You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1.8 KiB
1.8 KiB
-
Install the
cert-manageron petclinic cluster. See Cert-Manager info.- Create the namespace for ingress-basic
kubectl create namespace ingress-basic- Add the Jetstack Helm repository.
helm repo add jetstack https://charts.jetstack.io- Update your local Helm chart repository.
helm repo update- Install the
Custom Resource Definitionresources separately
kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.7.1/cert-manager.crds.yaml- Install the cert-manager Helm chart
helm install \ cert-manager jetstack/cert-manager \ --namespace ingress-basic \ --version v1.7.1- Verify that the cert-manager is deployed correctly.
kubectl get pods --namespace ingress-basic -o wide -
Create
ClusterIssuerwith name ofcluster-issuer.ymlfor the production certificate throughLet's Encrypt ACME(Automated Certificate Management Environment) with following content and save it underazure/k8sfolder. Note that certificate will only be created after annotating and updating theIngressresource.
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt
spec:
acme:
# The ACME server URL
server: https://acme-v02.api.letsencrypt.org/directory
# Email address used for ACME registration
email: info@volosoft.com
# Name of a secret used to store the ACME account private key
privateKeySecretRef:
name: letsencrypt
# Enable the HTTP-01 challenge provider
solvers:
- http01:
ingress:
class: nginx
- Check if
ClusterIssuerresource is created.
kubectl apply -f etc/azure/cluster-issuer.yaml
kubectl get clusterissuers letsencrypt -n ingress-basic -o wide