ZeroDownTime
/
kubezero
3
0
Fork 0
Code Issues 1 Pull Requests 23 Releases Wiki Activity
kubezero/charts/kubezero-cert-manager
History
Stefan Reimer 45e21d48ff Update chart READMEs 2021-03-25 16:32:49 +01:00
..
templates Update of various components, new aroless bootstrap working 2020-11-21 04:24:57 -08:00
.helmignore New consitent naming scheme for umbrella charts/artifacts 2020-05-06 18:20:53 +01:00
Chart.yaml Version bump cert-manager 2021-02-22 21:32:12 +01:00
README.md Update chart READMEs 2021-03-25 16:32:49 +01:00
README.md.gotmpl Updated helm-docs, fluentd SSL handled by Istio, ES&Istio tuning 2020-10-05 03:50:23 -07:00
backup-all.sh Add cert-manager backup support in bootstrap, enable schedule and controller metrics 2020-08-05 15:42:15 +01:00
values.yaml Update of various components, new aroless bootstrap working 2020-11-21 04:24:57 -08:00

README.md

kubezero-cert-manager

Version: 0.5.0 Type: application

KubeZero Umbrella Chart for cert-manager

Homepage: https://kubezero.com

Maintainers

Name Email Url
Quarky9

Requirements

Kubernetes: >= 1.18.0

Repository Name Version
https://charts.jetstack.io cert-manager 1.2.0
https://zero-down-time.github.io/kubezero/ kubezero-lib >= 0.1.3

AWS - IAM Role

If you use kiam or kube2iam and restrict access on nodes running cert-manager please adjust:

cert-manager.podAnnotations:
  iam.amazonaws.com/role: <ROLE>

Resolver Secrets

If your resolvers need additional sercrets like CloudFlare API tokens etc. make sure to provide these secrets separatly matching your defined issuers.

Values

Key Type Default Description
cert-manager.cainjector.nodeSelector."node-role.kubernetes.io/master" string ""
cert-manager.cainjector.tolerations[0].effect string "NoSchedule"
cert-manager.cainjector.tolerations[0].key string "node-role.kubernetes.io/master"
cert-manager.enabled bool true
cert-manager.extraArgs[0] string "--dns01-recursive-nameservers-only"
cert-manager.global.leaderElection.namespace string "cert-manager"
cert-manager.ingressShim.defaultIssuerKind string "ClusterIssuer"
cert-manager.ingressShim.defaultIssuerName string "letsencrypt-dns-prod"
cert-manager.nodeSelector."node-role.kubernetes.io/master" string ""
cert-manager.podAnnotations object {}
cert-manager.prometheus.servicemonitor.enabled bool false
cert-manager.tolerations[0].effect string "NoSchedule"
cert-manager.tolerations[0].key string "node-role.kubernetes.io/master"
cert-manager.webhook.nodeSelector."node-role.kubernetes.io/master" string ""
cert-manager.webhook.tolerations[0].effect string "NoSchedule"
cert-manager.webhook.tolerations[0].key string "node-role.kubernetes.io/master"
clusterIssuer object {}
localCA.enabled bool false
localCA.selfsigning bool true