Install cert-manager & Let's encrypt

Certification is one of critical security feature.

In Kubernetes, cert-manager is key role for certification management.

For cert-manager, there are only two steps.

1. Install cert-manager by helm chart


2. Configure Issuer

Installation

kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.14.4/cert-manager.yaml

Install Let's Encrypt Issuer

• kind ClusterIssuer is global scope API, so you don't need any namespace.

File: clusterissuer.yaml

apiVersion: cert-manager.io/v1
kind: ClusterIssuer # I'm using ClusterIssuer here
metadata:
  name: letsencrypt-prod
spec:
  acme:
    server: https://acme-v02.api.letsencrypt.org/directory
    email: <your-email-address>
    privateKeySecretRef:
      name: letsencrypt-prod
    solvers:
    - http01:
        ingress:
          class: traefik …

api certification feature file global helm install installation key kind kubernetes management manager role security yaml