kube-cert-manager
kube-cert-manager copied to clipboard
Comparison with https://github.com/jetstack/kube-lego?
A comparison with https://github.com/jetstack/kube-lego would be helpful. AFAICT, both projects have the same goal?
kube-lego
can only respond to challenges using the HTTP-01
challenge, and only works for Ingress
objects.
kube-cert-manager
is a lot more flexible. It:
- Supports the other two challenge types (
SNI-TLS-01
,DNS-01
) - Uses xenolf/lego to support a ton of DNS providers
- Supports certificates as ThirdParty resources, meaning I can use
kube-cert-manager
to request TLS certificates for anything, like my IRC bouncer, for example
kube-lego
:
- Ends up re-implementing a subset of ACME (instead of using xenolf/lego)
- Has a much better implementation for HTTP challenges (see https://github.com/PalmStoneGames/kube-cert-manager/issues/42)
Let me know if I missed anything!