kube-cert-manager

Manage Let's Encrypt certificates for a Kubernetes cluster.

Kubernetes Certificate Manager

Deprecation notice: This project is deprecated in favor of cert-manager

This project is loosely based on https://github.com/kelseyhightower/kube-cert-manager. It took over most of its documentation and its license, as well as the general approach to how things work.

The code itself, however, was entirely reimplemented to use xenolf/lego as the basis, instead of reimplementing an ACME client and DNS plugins.

Version

Please note: This is the documentation for the version of kcm currently in development. Please refer to v0.4.0 for documentation of the latest stable version.

Special note for upgrading from earlier versions

If you are upgrading from a version before 0.5.0, note that the default way to identify Ingress resources to be managed by the certificate manager has changed from the enabled annotation to the class label. Backwards-compatible behaviour is available by setting the -class argument to a blank value.

Features

  • Manage Kubernetes TLS secrets backed by Let's Encrypt issued certificates.
  • Manage Let's Encrypt issued certificates based on Kubernetes ThirdParty Resources.
  • Manage Let's Encrypt issued certificates based on Kubernetes Ingress Resources.
  • Domain validation using ACME HTTP-01, SNI-TLS-01 or DNS-01 challenges.
  • Support for multiple challenge providers.
  • Support for subject alternative names in requested certificates.

Project Goals

  • Demonstrate how to build custom Kubernetes controllers.
  • Demonstrate how to use Kubernetes Custom Resource Definitions.
  • Demonstrate how to interact with the Kubernetes API (watches, reconciliation, etc).
  • Demonstrate how to write great documentation for Kubernetes add-ons and extensions.
  • Promote the usage of Let's Encrypt for securing web applications running on Kubernetes.

Requirements

  • Kubernetes 1.7+
  • At least one configured challenge provider

Usage

  • Deployment Guide
  • Creating a Certificate
  • Deleting a Certificate
  • Consuming Certificates
  • Managing Certificates for Ingress Resources
  • Garbage Collection of Secrets
  • Secure Deployment using RBAC

Documentation

  • Deployment Arguments
  • Certificate Custom Resource Definitions
  • Certificate Resources
  • Challenge Providers
  • Building Container Image with AWS CodeBuild