kubernetes-router icon indicating copy to clipboard operation
kubernetes-router copied to clipboard

Published 20 hours ago verified publisher icon tsuru

Add support for TLS with cert-manager

Open andrestc opened this issue 6 years ago • 4 comments

We added support for nginx + tls using kube-lego and its annotations in #11. Kube-lego is now deprecated and only supported in Kubernetes up to 1.8.x. We should add support for tls using cert-manager, which is the official replacement for kube-lego: https://github.com/jetstack/cert-manager/.

andrestc avatar Apr 18 '18 14:04 andrestc

I've updated to cert-manager and update nginx-ingress (which already supports cert-manager). The annotations are still the same for it: kubernetes.io/tls-acme: true

But the point is that we have a few new annotations that can be used (besides the basic):

https://github.com/jetstack/cert-manager/blob/62c2fd8df9a8c8eaddd193fbfcd82269dc6836fe/docs/reference/ingress-shim.rst

I would say that certmanager.k8s.io/issuer and certmanager.k8s.io/cluster-issuer are nice ones to have handled by kubernetes-router.

gfleury avatar May 08 '18 10:05 gfleury

Actually you can assign to me. =)

gfleury avatar May 08 '18 12:05 gfleury

Look good. Maybe we can support receiving these as custom router options as well.

andrestc avatar May 08 '18 14:05 andrestc

Sure, I will create a PR soon.

gfleury avatar May 08 '18 14:05 gfleury