KubeZero/charts/kubezero-cert-manager/README.md

2.4 KiB

kubezero-cert-manager

Version: 0.7.3 Type: application AppVersion: 1.5.3

KubeZero Umbrella Chart for cert-manager

Homepage: https://kubezero.com

Requirements

Kubernetes: >= 1.18.0

Repository Name Version
https://cdn.zero-downtime.net/charts/ kubezero-lib >= 0.1.3
https://charts.jetstack.io cert-manager 1.5.3

AWS - IAM Role

If you use kiam or kube2iam and restrict access on nodes running cert-manager please adjust:

cert-manager.podAnnotations:
  iam.amazonaws.com/role: <ROLE>

Resolver Secrets

If your resolvers need additional sercrets like CloudFlare API tokens etc. make sure to provide these secrets separatly matching your defined issuers.

Values

Key Type Default Description
cert-manager.cainjector.nodeSelector."node-role.kubernetes.io/master" string ""
cert-manager.cainjector.tolerations[0].effect string "NoSchedule"
cert-manager.cainjector.tolerations[0].key string "node-role.kubernetes.io/master"
cert-manager.enabled bool true
cert-manager.extraArgs[0] string "--dns01-recursive-nameservers-only"
cert-manager.global.leaderElection.namespace string "cert-manager"
cert-manager.ingressShim.defaultIssuerKind string "ClusterIssuer"
cert-manager.ingressShim.defaultIssuerName string "letsencrypt-dns-prod"
cert-manager.nodeSelector."node-role.kubernetes.io/master" string ""
cert-manager.prometheus.servicemonitor.enabled bool false
cert-manager.startupapicheck.enabled bool false
cert-manager.tolerations[0].effect string "NoSchedule"
cert-manager.tolerations[0].key string "node-role.kubernetes.io/master"
cert-manager.webhook.nodeSelector."node-role.kubernetes.io/master" string ""
cert-manager.webhook.tolerations[0].effect string "NoSchedule"
cert-manager.webhook.tolerations[0].key string "node-role.kubernetes.io/master"
clusterIssuer object {}
localCA.enabled bool false
localCA.selfsigning bool true