cert-manager

설치

References

• cert-manager / Helm

helm pull oci://quay.io/jetstack/charts/cert-manager --version v1.18.4

helm show values oci://quay.io/jetstack/charts/cert-manager --version v1.18.4 \
    > cert-manager-v1.18.4.yaml

cert-manager-values.yaml

global:
  commonLabels: {}

crds:
  enabled: true

# cert-manager

resources:
  requests:
    cpu: 10m
    memory: 32Mi

tolerations: []
affinity: {}

# cert-manager-webhook
webhook:
  tolerations: []
  affinity: {}

# cert-manager-cainjector
cainjector:
  tolerations: []
  affinity: {}

startupapicheck:
  tolerations: []
  affinity: {}

• enableCertificateOwnerRef: false: 생성된 Secret의 ownerReferences에 Certificate를 추가할지 여부입니다.

helm template cert-manager oci://quay.io/jetstack/charts/cert-manager \
    --version v1.18.4 \
    -n cert-manager \
    -f cert-manager-values.yaml \
    > cert-manager.yaml

helm upgrade -i cert-manager oci://quay.io/jetstack/charts/cert-manager \
    --history-max 5 \
    --create-namespace \
    --version v1.18.4 \
    -n cert-manager \
    -f cert-manager-values.yaml

업그레이드

References

• cert-manager / Supported Releases

kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.18.4/cert-manager.crds.yaml

삭제

사용된 CRD가 있는지 확인합니다.

kubectl get Issuers,ClusterIssuers,Certificates,CertificateRequests,Orders,Challenges -A

helm uninstall -n cert-manager cert-manager

kubectl get crd -oname | grep --color=never 'cert-manager.io' | xargs kubectl delete