certmanager

README.md

@@ -78,7 +78,19 @@ http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-da
 
 ## set up SSL
 
-### add ssl to testsite
+    kubectl create namespace cert-manager
+    kubectl label namespace cert-manager certmanager.k8s.io/disable-validation=true
+    kubectl apply -f certmanager-manifest.yaml
+
+### create issuers
+
+    ....
+
+### default issuer
+    
+    kubectl apply -f certmanager-default.yaml
+
+## add ssl to testsite
   
     kubectl apply -f staticpage-ingress-ssl.yaml
 

certmanager-default.yaml

@@ -0,0 +1,50 @@
+---
+apiVersion: apps/v1beta1
+kind: Deployment
+metadata:
+  name: cert-manager
+  namespace: "cert-manager"
+  labels:
+    app: cert-manager
+    chart: cert-manager-v0.7.2
+    release: cert-manager
+    heritage: Tiller
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: cert-manager
+      release: cert-manager
+  template:
+    metadata:
+      labels:
+        app: cert-manager
+        release: cert-manager
+      annotations:
+        prometheus.io/path: "/metrics"
+        prometheus.io/scrape: 'true'
+        prometheus.io/port: '9402'
+    spec:
+      serviceAccountName: cert-manager
+      containers:
+        - name: cert-manager
+          image: "quay.io/jetstack/cert-manager-controller:v0.7.2"
+          imagePullPolicy: IfNotPresent
+          args:
+          - --cluster-resource-namespace=$(POD_NAMESPACE)
+          - --leader-election-namespace=$(POD_NAMESPACE)
+          - --default-issuer-name=letsencrypt-staging
+          - --default-issuer-kind=ClusterIssuer
+          ports:
+          - containerPort: 9402
+          env:
+          - name: POD_NAMESPACE
+            valueFrom:
+              fieldRef:
+                fieldPath: metadata.namespace
+          resources:
+            requests:
+              cpu: 10m
+              memory: 32Mi
+            
+