-
Notifications
You must be signed in to change notification settings - Fork 0
cert‐manager
Cesar Celis Hernandez edited this page Apr 4, 2024
·
20 revisions
To test cert-manager
with MinIO in k8s
- https://github.com/minio/operator/blob/master/docs/cert-manager.md
- https://cert-manager.io/docs/installation/
- https://stackoverflow.com/questions/53536907/kubectl-wait-for-condition-complete-timeout-30s
- https://stackoverflow.com/questions/71384532/kubernetes-wait-for-secret-to-be-created
- Create cluster:
createcluster
- Install
cert-manager
:
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.14.4/cert-manager.yaml
echo "Wait until cert-manager pods are running:"
kubectl wait -n cert-manager --for=condition=ready pod -l app=cert-manager --timeout=120s
kubectl wait -n cert-manager --for=condition=ready pod -l app=cainjector --timeout=120s
kubectl wait -n cert-manager --for=condition=ready pod -l app=webhook --timeout=120s
- Install Operator
installoperator
- Install Tenant with cert-manager: https://github.com/minio/operator/tree/master/examples/kustomization/tenant-certmanager
kustomize build github.com/minio/operator/examples/kustomization/tenant-certmanager\?ref\=v5.0.14 > tenant.yaml
k apply -f tenant.yaml
kubectl get secrets -n tenant-certmanager tenant-certmanager-tls -o=jsonpath='{.data.ca\.crt}' | base64 -d > public.crt
kubectl create secret generic operator-ca-tls --from-file=public.crt -n minio-operator
kubectl rollout restart deployment.apps/minio-operator -n minio-operator