21b11b47d6
Completed review comments Minor abbreviation fix Moved topics into its own VNF Integration section Fixed abbreviations Re-organized Kubernetes topics Change-Id: I8940d3572b789990d3b5f2d201f8ec8a46ce2943 Signed-off-by: Keane Lim <keane.lim@windriver.com>
66 lines
2.3 KiB
ReStructuredText
66 lines
2.3 KiB
ReStructuredText
|
|
.. iac1588347002880
|
|
.. _kubernetes-user-tutorials-cert-manager:
|
|
|
|
============
|
|
Cert Manager
|
|
============
|
|
|
|
|prod| integrates the open source project cert-manager.
|
|
|
|
Cert-manager is a native Kubernetes certificate management controller, that
|
|
supports certificate management with external certificate authorities \(CAs\).
|
|
nginx-ingress-controller is also integrated with |prod| in support of http-01
|
|
challenges from CAs as part of cert-manager certificate requests.
|
|
|
|
For more information about Cert Manager, see `cert-manager.io
|
|
<http://cert-manager.io>`__.
|
|
|
|
.. _kubernetes-user-tutorials-cert-manager-section-lz5-gcw-nlb:
|
|
|
|
------------------------------------
|
|
Prerequisites for using Cert Manager
|
|
------------------------------------
|
|
|
|
.. _kubernetes-user-tutorials-cert-manager-ul-rd3-3cw-nlb:
|
|
|
|
- Ensure that your |prod| administrator has shared the local registry's
|
|
public repository's credentials/secret with the namespace where you will
|
|
create certificates,. This will allow you to leverage the
|
|
``registry.local:9001/public/cert-manager-acmesolver`` image.
|
|
|
|
- Ensure that your |prod| administrator has enabled use of the
|
|
cert-manager apiGroups in your RBAC policies.
|
|
|
|
.. _kubernetes-user-tutorials-cert-manager-section-y5r-qcw-nlb:
|
|
|
|
----------------------------------------------
|
|
Resources on Creating Issuers and Certificates
|
|
----------------------------------------------
|
|
|
|
.. _kubernetes-user-tutorials-cert-manager-ul-uts-5cw-nlb:
|
|
|
|
- Configuration documentation:
|
|
|
|
- `https://cert-manager.io/docs/configuration
|
|
<https://cert-manager.io/docs/configuration/>`__/
|
|
|
|
This link provides details on creating different types of certificate
|
|
issuers or CAs.
|
|
|
|
- Usage documentation:
|
|
|
|
- `https://cert-manager.io/docs/usage/certificate/
|
|
<https://cert-manager.io/docs/usage/certificate/>`__
|
|
|
|
This link provides details on creating a standalone certificate.
|
|
|
|
- `https://cert-manager.io/docs/usage/ingress/
|
|
<https://cert-manager.io/docs/usage/ingress/>`__
|
|
|
|
This link provides details on adding a cert-manager annotation to an
|
|
Ingress in order to specify the certificate issuer for the ingress to
|
|
use to request the certificate for its https connection.
|
|
|
|
- :ref:`LetsEncrypt Example <letsencrypt-example>`
|