ZeroDownTime
/
kubezero
3
0
Fork 0
Code Issues 1 Pull Requests 24 Releases Wiki Activity
kubezero/charts/kubezero-cert-manager
History
Stefan Reimer 4d9bb8e11d chore: migrate all nodelabel selectors from master to control-plane 2021-12-08 17:29:53 +01:00
..
rules feat(cert-manager): Version bump, add support for Prometheus mixin 2021-09-29 16:30:37 +02:00
templates feat(cert-manager): Version bump, add support for Prometheus mixin 2021-09-29 16:30:37 +02:00
.gitignore feat(cert-manager): Version bump, add support for Prometheus mixin 2021-09-29 16:30:37 +02:00
.helmignore feat(cert-manager): Version bump, add support for Prometheus mixin 2021-09-29 16:30:37 +02:00
Chart.yaml chore: move helm repo to S3/CDN 2021-12-03 22:16:22 +01:00
README.md chore: move helm repo to S3/CDN 2021-12-03 22:16:22 +01:00
README.md.gotmpl Updated helm-docs, fluentd SSL handled by Istio, ES&Istio tuning 2020-10-05 03:50:23 -07:00
backup-all.sh Add cert-manager backup support in bootstrap, enable schedule and controller metrics 2020-08-05 15:42:15 +01:00
cert-manager-rules.yaml feat(cert-manager): Version bump, add support for Prometheus mixin 2021-09-29 16:30:37 +02:00
dashboards.yaml feat(cert-manager): Version bump, add support for Prometheus mixin 2021-09-29 16:30:37 +02:00
jsonnetfile.json feat(cert-manager): Version bump, add support for Prometheus mixin 2021-09-29 16:30:37 +02:00
jsonnetfile.lock.json feat(cert-manager): Version bump, add support for Prometheus mixin 2021-09-29 16:30:37 +02:00
rules.jsonnet feat(cert-manager): Version bump, add support for Prometheus mixin 2021-09-29 16:30:37 +02:00
update.sh feat(cert-manager): Version bump, add support for Prometheus mixin 2021-09-29 16:30:37 +02:00
values.yaml chore: migrate all nodelabel selectors from master to control-plane 2021-12-08 17:29:53 +01:00

README.md

kubezero-cert-manager

Version: 0.7.3 Type: application AppVersion: 1.5.3

KubeZero Umbrella Chart for cert-manager

Homepage: https://kubezero.com

Requirements

Kubernetes: >= 1.18.0

Repository Name Version
https://cdn.zero-downtime.net/charts/ kubezero-lib >= 0.1.3
https://charts.jetstack.io cert-manager 1.5.3

AWS - IAM Role

If you use kiam or kube2iam and restrict access on nodes running cert-manager please adjust:

cert-manager.podAnnotations:
  iam.amazonaws.com/role: <ROLE>

Resolver Secrets

If your resolvers need additional sercrets like CloudFlare API tokens etc. make sure to provide these secrets separatly matching your defined issuers.

Values

Key Type Default Description
cert-manager.cainjector.nodeSelector."node-role.kubernetes.io/master" string ""
cert-manager.cainjector.tolerations[0].effect string "NoSchedule"
cert-manager.cainjector.tolerations[0].key string "node-role.kubernetes.io/master"
cert-manager.enabled bool true
cert-manager.extraArgs[0] string "--dns01-recursive-nameservers-only"
cert-manager.global.leaderElection.namespace string "cert-manager"
cert-manager.ingressShim.defaultIssuerKind string "ClusterIssuer"
cert-manager.ingressShim.defaultIssuerName string "letsencrypt-dns-prod"
cert-manager.nodeSelector."node-role.kubernetes.io/master" string ""
cert-manager.prometheus.servicemonitor.enabled bool false
cert-manager.startupapicheck.enabled bool false
cert-manager.tolerations[0].effect string "NoSchedule"
cert-manager.tolerations[0].key string "node-role.kubernetes.io/master"
cert-manager.webhook.nodeSelector."node-role.kubernetes.io/master" string ""
cert-manager.webhook.tolerations[0].effect string "NoSchedule"
cert-manager.webhook.tolerations[0].key string "node-role.kubernetes.io/master"
clusterIssuer object {}
localCA.enabled bool false
localCA.selfsigning bool true