策略引擎>> k8-byexamples-cert-manager>> 返回
项目作者: mateothegreat

项目描述 :
LetsEncrypt Certificate Management with cert-manager
高级语言: Makefile
项目地址: git://github.com/mateothegreat/k8-byexamples-cert-manager.git


Clickity click
Twitter Follow Skype Contact

Wildcard Certificates

Waiting on pull request https://github.com/jetstack/cert-manager/pull/309 which adds wildcard support to cert-manager.

LetsEncrypt Certificate Management with cert-manager Edit

k8 by example — straight to the point, simple execution.

Certificate management as easy as a spec. Goes well with https://github.com/mateothegreat/k8-byexamples-ingress-controller.

Getting started

Clone this repo and initialize submodules:

  1. git clone https://github.com/mateothegreat/k8-byexamples-cert-manager && cd $_
  2. git submodule update --init

Usage

Run make install and you’re ready to start creating certificate requests.
See the templates directory for certificate examples.

  1. $ make help
  3.                                 __                 __
  4.    __  ______  ____ ___  ____ _/ /____  ____  ____/ /
  5.   / / / / __ \/ __  __ \/ __  / __/ _ \/ __ \/ __  /
  6.  / /_/ / /_/ / / / / / / /_/ / /_/  __/ /_/ / /_/ /
  7.  \__, /\____/_/ /_/ /_/\__,_/\__/\___/\____/\__,_/
  8. /____
  9.                         yomateo.io, it ain't easy.
  11. Usage: make <target(s)>
  13. Targets:
  15.   certificate-issue    Creates a new Certificate request (make certificate-issue NS=somenamespace HOST=foo.bar.com)
  16.   certificate-delete   Deletes Certificate request (make certificate-issue NS=somenamespace HOST=foo.bar.com)
  17.   dump/submodules      Output list of submodules & repositories
  18.   install              Installs manifests to kubernetes using kubectl apply (make manifests to see what will be installed)
  19.   delete               Deletes manifests to kubernetes using kubectl delete (make manifests to see what will be installed)
  20.   get                  Retrieves manifests to kubernetes using kubectl get (make manifests to see what will be installed)
  21.   get/all              Retrives all resources (in color!)
  22.   describe             Describes manifests to kubernetes using kubectl describe (make manifests to see what will be installed)
  23.   context              Globally set the current-context (default namespace)
  24.   shell                Grab a shell in a running container
  25.   dump/logs            Find first pod and follow log output
  26.   dump/manifests       Output manifests detected (used with make install, delete, get, describe, etc)
  29. Tools:
  31.   get/myip              Get your external ip
  32.   testing-curl          Try to curl http & https from $(HOST)
  33.   testing/curlhttp      Try to curl http://$(HOST)
  34.   testing/curlhttps     Try to curl https://$(HOST)
  35.   testing/getip         Retrieve external IP from api.ipify.org
  36.   git/update            Update submodule(s) to HEAD from origin
  37.   git/up                Update all .make submodules
  38.   rbac/grant-google     Create clusterrolebinding for cluster-admin

Creating new Certificates

Create a Certificate resource (see templates directory) via make cert NS=somenamespace HOST=foo.bar.com.
You can use make logs to follow the log output from the cert-manager pod and follow the action.

Example:

````sh
$ make certificate-issue NS=testing HOST=staticip.gcp.streaming-platform.com

certificate “staticip.gcp.streaming-platform.com” created


I0206 12:17:28.294092 1 controller.go:187] certificates controller: syncing item ‘testing/staticip.gcp.streaming-platform.com’
I0206 12:17:28.294270 1 sync.go:107] Error checking existing TLS certificate: secret “tls-staticip.gcp.streaming-platform.com” not found
I0206 12:17:28.294342 1 sync.go:238] Preparing certificate with issuer
I0206 12:17:28.294844 1 prepare.go:239] Compare “” with “https://acme-v01.api.letsencrypt.org/acme/reg/28937938