cert-manager

module
v0.2.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 15, 2018 License: Apache-2.0

README

cert-manager Build Status

cert-manager is a Kubernetes add-on to automate the management and issuance of TLS certificates from various issuing sources.

It will ensure certificates are valid and up to date periodically, and attempt to renew certificates at an appropriate time before expiry.

It is loosely based upon the work of kube-lego and has borrowed some wisdom from other similar projects e.g. kube-cert-manager.

cert-manager high level overview diagram

Current status

This project is not yet ready to be a component in a critical production stack, however it is at a point where it offers comparable features to other projects in the space. If you have a non-critical piece of infrastructure, or are feeling brave, please do try cert-manager and report your experience here in the issue section.

NOTE: currently we provide no guarantees on our API stability. This means there may be breaking changes that will require changes to all Issuer/Certificate resources you have already created. We aim to provide a stable API after a 1.0 release.

Quickstart

Prebuilt images for cert-manager are made available on Dockerhub.

Pre-requisites
  • Kubernetes cluster with CustomResourceDefinition or ThirdPartyResource support
Deploying cert-manager

The easiest way to deploy cert-manager into your cluster is to use the Helm chart. For information on how to do this see the Deploying cert-manager using Helm user guide.

Creating your first Issuer and Certificate

An Issuer in cert-manager describes a source of X.509 certificates. A Certificate in cert-manager defines a desired X.509 certificate. Below is a list of user guides that can be used to get started with both resources:

Further documentation

For further documentation, please check the /docs directory in this repository.

Troubleshooting

If you encounter any issues whilst using cert-manager, and your issue is not documented, please file an issue.

Contributing

We welcome pull requests with open arms! There's a lot of work to do here, and we're especially concerned with ensuring the longevity and reliability of the project.

Please take a look at our issue tracker if you are unsure where to start with getting involved!

We also use the #kube-lego channel on kubernetes.slack.com for chat relating to the project.

Developer documentation should be available soon at docs/devel.

Changelog

The list of releases is the best place to look for information on changes between releases.

Directories

Path Synopsis
cmd
pkg
api
apis/certmanager
Package certmanager is the internal version of the API.
Package certmanager is the internal version of the API.
apis/certmanager/install
Package install installs the experimental API group, making it available as an option to all of the API encoding/decoding machinery.
Package install installs the experimental API group, making it available as an option to all of the API encoding/decoding machinery.
apis/certmanager/v1alpha1
Package v1alpha1 is the v1alpha1 version of the API.
Package v1alpha1 is the v1alpha1 version of the API.
client/clientset/versioned/scheme
This package contains the scheme of the automatically generated clientset.
This package contains the scheme of the automatically generated clientset.
client/clientset/versioned/typed/certmanager/v1alpha1/fake
Package fake has the automatically generated clients.
Package fake has the automatically generated clients.
issuer/acme/dns/clouddns
Package clouddns implements a DNS provider for solving the DNS-01 challenge using Google Cloud DNS.
Package clouddns implements a DNS provider for solving the DNS-01 challenge using Google Cloud DNS.
issuer/acme/dns/cloudflare
Package cloudflare implements a DNS provider for solving the DNS-01 challenge using cloudflare DNS.
Package cloudflare implements a DNS provider for solving the DNS-01 challenge using cloudflare DNS.
issuer/acme/dns/route53
Package route53 implements a DNS provider for solving the DNS-01 challenge using AWS Route 53 DNS.
Package route53 implements a DNS provider for solving the DNS-01 challenge using AWS Route 53 DNS.
test
e2e
third_party

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL