You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
# Label the ingress-basic namespace to disable resource validation
kubectl label namespace ingress-basic cert-manager.io/disable-validation=true
# Add the Jetstack Helm repository
helm repo add jetstack https://charts.jetstack.io
# Update your local Helm chart repository cache
helm repo update
# Install the cert-manager Helm chart
helm install \
cert-manager jetstack/cert-manager \
--namespace ingress-basic \
--version v1.13.3 \
--set installCRDs=true
## SAMPLE OUTPUT
Kalyans-Mac-mini:azure-aks-kubernetes-masterclass-internal24 kalyanreddy$ helm install \
> cert-manager jetstack/cert-manager \
> --namespace ingress-basic \
> --version v1.13.3 \
> --set installCRDs=true
NAME: cert-manager
LAST DEPLOYED: Fri Dec 29 12:47:27 2023
NAMESPACE: ingress-basic
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
cert-manager v1.13.3 has been deployed successfully!
In order to begin issuing certificates, you will need to set up a ClusterIssuer
or Issuer resource (for example, by creating a 'letsencrypt-staging' issuer).
More information on the different types of issuers and how to configure them
can be found in our documentation:
https://cert-manager.io/docs/configuration/
For information on how to configure cert-manager to automatically provision
Certificates for Ingress resources, take a look at the `ingress-shim`
documentation:
https://cert-manager.io/docs/usage/ingress/
Kalyans-Mac-mini:azure-aks-kubernetes-masterclass-internal24 kalyanreddy$
# Verify Cert Manager pods
kubectl get pods --namespace ingress-basic
# Verify Cert Manager Services
kubectl get svc --namespace ingress-basic
Step-06: Review or Create Cluster Issuer Kubernetes Manifest
Review Cluster Issuer Kubernetes Manifest
Create or Review Cert Manager Cluster Issuer Kubernetes Manigest
apiVersion: cert-manager.io/v1kind: ClusterIssuermetadata:
name: letsencryptspec:
acme:
# You must replace this email address with your own.# Let's Encrypt will use this to contact you about expiring# certificates, and issues related to your account.email: dkalyanreddy@gmail.comserver: https://acme-v02.api.letsencrypt.org/directoryprivateKeySecretRef:
# Secret resource that will be used to store the account's private key.name: letsencrypt# Add a single challenge solver, HTTP01 using nginxsolvers:
- http01:
ingress:
ingressClassName: nginx