Skip to content

cert‐manager

Cesar Celis Hernandez edited this page Apr 4, 2024 · 20 revisions

Objective:

To test cert-manager with MinIO in k8s

Related test:

Documentation:

Steps:

  1. Create cluster:
createcluster
  1. Install cert-manager:
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.14.4/cert-manager.yaml

echo "Wait until cert-manager pods are running:"
kubectl wait -n cert-manager --for=condition=ready pod -l app=cert-manager --timeout=120s
kubectl wait -n cert-manager --for=condition=ready pod -l app=cainjector --timeout=120s
kubectl wait -n cert-manager --for=condition=ready pod -l app=webhook --timeout=120s
  1. Install Operator
installoperator
  1. Install Tenant with cert-manager: https://github.com/minio/operator/tree/master/examples/kustomization/tenant-certmanager
kustomize build github.com/minio/operator/examples/kustomization/tenant-certmanager\?ref\=v5.0.14 > tenant.yaml
k apply -f tenant.yaml
  1. Create operator-ca-tls secret
kubectl get secrets -n tenant-certmanager tenant-certmanager-tls -o=jsonpath='{.data.ca\.crt}' | base64 -d > public.crt
kubectl create secret generic operator-ca-tls --from-file=public.crt -n minio-operator
kubectl rollout restart deployment.apps/minio-operator -n minio-operator
Clone this wiki locally