kube-cert-manager icon indicating copy to clipboard operation
kube-cert-manager copied to clipboard

Published 20 hours ago verified publisher icon PalmStoneGames

Comparison with https://github.com/jetstack/kube-lego?

Open olalonde opened this issue 7 years ago • 1 comments

A comparison with https://github.com/jetstack/kube-lego would be helpful. AFAICT, both projects have the same goal?

olalonde avatar May 04 '17 10:05 olalonde

kube-lego can only respond to challenges using the HTTP-01 challenge, and only works for Ingress objects.

kube-cert-manager is a lot more flexible. It:

  • Supports the other two challenge types (SNI-TLS-01, DNS-01)
  • Uses xenolf/lego to support a ton of DNS providers
  • Supports certificates as ThirdParty resources, meaning I can use kube-cert-manager to request TLS certificates for anything, like my IRC bouncer, for example

kube-lego:

  • Ends up re-implementing a subset of ACME (instead of using xenolf/lego)
  • Has a much better implementation for HTTP challenges (see https://github.com/PalmStoneGames/kube-cert-manager/issues/42)

Let me know if I missed anything!

conradev avatar Jun 15 '17 03:06 conradev