mirror of https://github.com/kubernetes/kops.git
Merge pull request #11281 from javipolo/cert-manager-default-issuer
Add ability to set a default Issuer in certManager addon
This commit is contained in:
Kubernetes Prow Robot
GitHub
commit
bc20262a47
|
|
@ -66,6 +66,7 @@ Cert-manager handles x509 certificates for your cluster.
|
||||||
spec:
|
spec:
|
||||||
certManager:
|
certManager:
|
||||||
enabled: true
|
enabled: true
|
||||||
|
defaultIssuer: yourDefaultIssuer
|
||||||
```
|
```
|
||||||
|
|
||||||
**Warning: cert-manager only supports one installation per cluster. If you are already running cert-manager, you need to remove this installation prior to enabling this addon. As long as you are using v1 versions of the cert-manager resources, it is safe to remove existing installs and replace it with this addon**
|
**Warning: cert-manager only supports one installation per cluster. If you are already running cert-manager, you need to remove this installation prior to enabling this addon. As long as you are using v1 versions of the cert-manager resources, it is safe to remove existing installs and replace it with this addon**
|
||||||
|
|
@ -334,4 +335,4 @@ spec:
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
```
|
```
|
||||||
The masters will poll for changes in the bucket and keep the addons up to date.
|
The masters will poll for changes in the bucket and keep the addons up to date.
|
||||||
|
|
|
||||||
|
|
@ -237,6 +237,10 @@ spec:
|
||||||
certManager:
|
certManager:
|
||||||
description: CertManager determines the metrics server configuration.
|
description: CertManager determines the metrics server configuration.
|
||||||
properties:
|
properties:
|
||||||
|
defaultIssuer:
|
||||||
|
description: 'defaultIssuer sets a default clusterIssuer Default:
|
||||||
|
none'
|
||||||
|
type: string
|
||||||
enabled:
|
enabled:
|
||||||
description: 'Enabled enables the cert manager. Default: false'
|
description: 'Enabled enables the cert manager. Default: false'
|
||||||
type: boolean
|
type: boolean
|
||||||
|
|
|
||||||
|
|
@ -922,6 +922,10 @@ type CertManagerConfig struct {
|
||||||
// Image is the docker container used.
|
// Image is the docker container used.
|
||||||
// Default: the latest supported image for the specified kubernetes version.
|
// Default: the latest supported image for the specified kubernetes version.
|
||||||
Image *string `json:"image,omitempty"`
|
Image *string `json:"image,omitempty"`
|
||||||
|
|
||||||
|
// defaultIssuer sets a default clusterIssuer
|
||||||
|
// Default: none
|
||||||
|
DefaultIssuer *string `json:"defaultIssuer,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// AWSLoadBalancerControllerConfig determines the AWS LB controller configuration.
|
// AWSLoadBalancerControllerConfig determines the AWS LB controller configuration.
|
||||||
|
|
|
||||||
|
|
@ -921,6 +921,10 @@ type CertManagerConfig struct {
|
||||||
// Image is the docker container used.
|
// Image is the docker container used.
|
||||||
// Default: the latest supported image for the specified kubernetes version.
|
// Default: the latest supported image for the specified kubernetes version.
|
||||||
Image *string `json:"image,omitempty"`
|
Image *string `json:"image,omitempty"`
|
||||||
|
|
||||||
|
// defaultIssuer sets a default clusterIssuer
|
||||||
|
// Default: none
|
||||||
|
DefaultIssuer *string `json:"defaultIssuer,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// AWSLoadBalancerControllerConfig determines the AWS LB controller configuration.
|
// AWSLoadBalancerControllerConfig determines the AWS LB controller configuration.
|
||||||
|
|
|
||||||
|
|
@ -1635,6 +1635,7 @@ func Convert_kops_CanalNetworkingSpec_To_v1alpha2_CanalNetworkingSpec(in *kops.C
|
||||||
func autoConvert_v1alpha2_CertManagerConfig_To_kops_CertManagerConfig(in *CertManagerConfig, out *kops.CertManagerConfig, s conversion.Scope) error {
|
func autoConvert_v1alpha2_CertManagerConfig_To_kops_CertManagerConfig(in *CertManagerConfig, out *kops.CertManagerConfig, s conversion.Scope) error {
|
||||||
out.Enabled = in.Enabled
|
out.Enabled = in.Enabled
|
||||||
out.Image = in.Image
|
out.Image = in.Image
|
||||||
|
out.DefaultIssuer = in.DefaultIssuer
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -1646,6 +1647,7 @@ func Convert_v1alpha2_CertManagerConfig_To_kops_CertManagerConfig(in *CertManage
|
||||||
func autoConvert_kops_CertManagerConfig_To_v1alpha2_CertManagerConfig(in *kops.CertManagerConfig, out *CertManagerConfig, s conversion.Scope) error {
|
func autoConvert_kops_CertManagerConfig_To_v1alpha2_CertManagerConfig(in *kops.CertManagerConfig, out *CertManagerConfig, s conversion.Scope) error {
|
||||||
out.Enabled = in.Enabled
|
out.Enabled = in.Enabled
|
||||||
out.Image = in.Image
|
out.Image = in.Image
|
||||||
|
out.DefaultIssuer = in.DefaultIssuer
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -415,6 +415,11 @@ func (in *CertManagerConfig) DeepCopyInto(out *CertManagerConfig) {
|
||||||
*out = new(string)
|
*out = new(string)
|
||||||
**out = **in
|
**out = **in
|
||||||
}
|
}
|
||||||
|
if in.DefaultIssuer != nil {
|
||||||
|
in, out := &in.DefaultIssuer, &out.DefaultIssuer
|
||||||
|
*out = new(string)
|
||||||
|
**out = **in
|
||||||
|
}
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -431,6 +431,11 @@ func (in *CertManagerConfig) DeepCopyInto(out *CertManagerConfig) {
|
||||||
*out = new(string)
|
*out = new(string)
|
||||||
**out = **in
|
**out = **in
|
||||||
}
|
}
|
||||||
|
if in.DefaultIssuer != nil {
|
||||||
|
in, out := &in.DefaultIssuer, &out.DefaultIssuer
|
||||||
|
*out = new(string)
|
||||||
|
**out = **in
|
||||||
|
}
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -26279,6 +26279,11 @@ spec:
|
||||||
- --cluster-resource-namespace=$(POD_NAMESPACE)
|
- --cluster-resource-namespace=$(POD_NAMESPACE)
|
||||||
- --leader-election-namespace=kube-system
|
- --leader-election-namespace=kube-system
|
||||||
- --enable-certificate-owner-ref=true
|
- --enable-certificate-owner-ref=true
|
||||||
|
{{ if .CertManager.DefaultIssuer }}
|
||||||
|
- --default-issuer-name={{ .CertManager.DefaultIssuer }}
|
||||||
|
- --default-issuer-kind=ClusterIssuer
|
||||||
|
- --default-issuer-group=cert-manager.io
|
||||||
|
{{ end }}
|
||||||
env:
|
env:
|
||||||
- name: POD_NAMESPACE
|
- name: POD_NAMESPACE
|
||||||
valueFrom:
|
valueFrom:
|
||||||
|
|
@ -26297,7 +26302,7 @@ spec:
|
||||||
tolerations:
|
tolerations:
|
||||||
- key: node-role.kubernetes.io/master
|
- key: node-role.kubernetes.io/master
|
||||||
operator: Exists
|
operator: Exists
|
||||||
|
|
||||||
---
|
---
|
||||||
apiVersion: apps/v1
|
apiVersion: apps/v1
|
||||||
kind: Deployment
|
kind: Deployment
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue