Install Cert-Manager

Cert-manager simplifies the process of obtaining, renewing and using certs in your kubernetes cluster. We’ll install cert-manager using the Jetstat Helm repository.

Install Cert-Manager

1. We’ll start off by adding the helm chart to our local helm repository.

   $ helm repo add jetstack https://charts.jetstack.io && helm repo update
   

2. Install Custom Resource definitions

   Once we’ve added the chart, we’ll add the Custom Resource Definitions:

   $ kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.7.1/cert-manager.crds.yaml
   

3. Install cert-manager

   Now we’re ready to add cert-manager:

   $ helm install \
     cert-manager jetstack/cert-manager \
     --namespace cert-manager \
     --create-namespace \
     --version v1.7.1 
   

4. Create certificate Issuer

   With cert-manager installed, we’re now ready to create a certificate issuer. We’ll be using Let’s Encrypt.

   1. We’ll start off by creating the cert-issuer directory in your ~/k3s/ folder

      $ mkdir -p ~/k3s/cert-issuer && cd ~/k3s/cert-issuer
      

   2. Next, inside the cert-issuer folder, we’ll create the issuer.yaml file.

      apiVersion: cert-manager.io/v1
      kind: ClusterIssuer
      metadata:
          name: letsencrypt-production                # for staging, change this to letsencrypt-staging
      spec:
          acme:
              server: https://acme-staging-v02.api.letsencrypt.org/directory
              email: [email protected]              # input your email here
              privateKeySecretRef:
                  name: letsencrypt-production        # for staging, change this to letsencrypt-staging
              solvers:
                  - http01:
                      ingress:
                          class: nginx
      

   3. apply the yaml file

      $ kubectl apply -f issuer.yaml
      
      clusterissuer.cert-manager.io/letsencrypt-production created