helm repo add jetstack https://charts.jetstack.io
helm repo update
kubectl create namespace cert-manager
helm install cert-manager jetstack/cert-manager \
--namespace cert-manager \
--version v1.9.1 \
--set installCRDs=true
kubectl apply -f - <<YAML
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-staging
spec:
acme:
server: https://acme-staging-v02.api.letsencrypt.org/directory
email: [email protected]
privateKeySecretRef:
name: letsencrypt-staging
solvers:
- http01:
ingress:
class: public
YAML
kubectl apply -f - <<YAML
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-prod
spec:
acme:
server: https://acme-v02.api.letsencrypt.org/directory
email: [email protected]
privateKeySecretRef:
name: letsencrypt-prod
solvers:
- http01:
ingress:
class: public
YAMLkubectl delete ClusterIssuer letsencrypt-staging
kubectl delete ClusterIssuer letsencrypt-prod
helm delete cert-manager -n cert-manager
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: production-auto-deploy
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
# kubernetes.io/ingress.class: public
spec:
ingressClassName: public
rules:
- host: sample.apps.domain.com
http:
paths:
- backend:
service:
name: production-auto-deploy
port:
number: 5000
path: /
pathType: Prefix
tls:
- hosts:
- sample.apps.domain.com
secretName: production-auto-deploy-tls