kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #11281 from javipolo/cert-manager-default-issuer 

Add ability to set a default Issuer in certManager addon
This commit is contained in:
Kubernetes Prow Robot 2021-04-24 01:21:14 -07:00 committed by GitHub
parent 0d9e2e7bb4 bf20c6a4b7
commit bc20262a47
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 32 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
docs/addons.md
View File

@ -66,6 +66,7 @@ Cert-manager handles x509 certificates for your cluster.
spec:
certManager:
enabled: true
defaultIssuer: yourDefaultIssuer
```
**Warning: cert-manager only supports one installation per cluster. If you are already running cert-manager, you need to remove this installation prior to enabling this addon. As long as you are using v1 versions of the cert-manager resources, it is safe to remove existing installs and replace it with this addon**
@ -334,4 +335,4 @@ spec:
}
]
```
The masters will poll for changes in the bucket and keep the addons up to date.
The masters will poll for changes in the bucket and keep the addons up to date.

4
k8s/crds/kops.k8s.io_clusters.yaml
View File

@ -237,6 +237,10 @@ spec:
certManager:
description: CertManager determines the metrics server configuration.
properties:
defaultIssuer:
description: 'defaultIssuer sets a default clusterIssuer Default:
none'
type: string
enabled:
description: 'Enabled enables the cert manager. Default: false'
type: boolean

4
pkg/apis/kops/componentconfig.go
View File

@ -922,6 +922,10 @@ type CertManagerConfig struct {
// Image is the docker container used.
// Default: the latest supported image for the specified kubernetes version.
Image *string `json:"image,omitempty"`
// defaultIssuer sets a default clusterIssuer
// Default: none
DefaultIssuer *string `json:"defaultIssuer,omitempty"`
}
// AWSLoadBalancerControllerConfig determines the AWS LB controller configuration.

4
pkg/apis/kops/v1alpha2/componentconfig.go
View File

@ -921,6 +921,10 @@ type CertManagerConfig struct {
// Image is the docker container used.
// Default: the latest supported image for the specified kubernetes version.
Image *string `json:"image,omitempty"`
// defaultIssuer sets a default clusterIssuer
// Default: none
DefaultIssuer *string `json:"defaultIssuer,omitempty"`
}
// AWSLoadBalancerControllerConfig determines the AWS LB controller configuration.

2
pkg/apis/kops/v1alpha2/zz_generated.conversion.go generated
View File

@ -1635,6 +1635,7 @@ func Convert_kops_CanalNetworkingSpec_To_v1alpha2_CanalNetworkingSpec(in *kops.C
func autoConvert_v1alpha2_CertManagerConfig_To_kops_CertManagerConfig(in *CertManagerConfig, out *kops.CertManagerConfig, s conversion.Scope) error {
out.Enabled = in.Enabled
out.Image = in.Image
out.DefaultIssuer = in.DefaultIssuer
return nil
}
@ -1646,6 +1647,7 @@ func Convert_v1alpha2_CertManagerConfig_To_kops_CertManagerConfig(in *CertManage
func autoConvert_kops_CertManagerConfig_To_v1alpha2_CertManagerConfig(in *kops.CertManagerConfig, out *CertManagerConfig, s conversion.Scope) error {
out.Enabled = in.Enabled
out.Image = in.Image
out.DefaultIssuer = in.DefaultIssuer
return nil
}

5
pkg/apis/kops/v1alpha2/zz_generated.deepcopy.go generated
View File

@ -415,6 +415,11 @@ func (in *CertManagerConfig) DeepCopyInto(out *CertManagerConfig) {
*out = new(string)
**out = **in
}
if in.DefaultIssuer != nil {
in, out := &in.DefaultIssuer, &out.DefaultIssuer
*out = new(string)
**out = **in
}
return
}

5
pkg/apis/kops/zz_generated.deepcopy.go generated
View File

@ -431,6 +431,11 @@ func (in *CertManagerConfig) DeepCopyInto(out *CertManagerConfig) {
*out = new(string)
**out = **in
}
if in.DefaultIssuer != nil {
in, out := &in.DefaultIssuer, &out.DefaultIssuer
*out = new(string)
**out = **in
}
return
}

7
upup/models/cloudup/resources/addons/certmanager.io/k8s-1.16.yaml.template
View File

@ -26279,6 +26279,11 @@ spec:
- --cluster-resource-namespace=$(POD_NAMESPACE)
- --leader-election-namespace=kube-system
- --enable-certificate-owner-ref=true
{{ if .CertManager.DefaultIssuer }}
- --default-issuer-name={{ .CertManager.DefaultIssuer }}
- --default-issuer-kind=ClusterIssuer
- --default-issuer-group=cert-manager.io
{{ end }}
env:
- name: POD_NAMESPACE
valueFrom:
@ -26297,7 +26302,7 @@ spec:
tolerations:
- key: node-role.kubernetes.io/master
operator: Exists
---
apiVersion: apps/v1
kind: Deployment