Skip to content

Cert-Manager Module

This adds certmanager (see https://cert-manager.io/), located in the certmanager key.

It helpes you issuing and managing certificated using custom k8s resources only.

The following snippets lists all available configuration options alongside their default values:

(import 'cloudflight-libsonnet/infrastructure/cert-manager/cert-manager.libsonnet')
+ {
  _config+: {
        certmanager: {
          name: 'cert-manager',
          aks: false,
        },

  }
}

Example

(import 'cloudflight-libsonnet/infrastructure/cert-manager/cert-manager.libsonnet')
+ {
  _config+: {
    certmanager: {
      name: 'cert-manager',
      namespace: 'cert-manager',
      aks: true,
    },
  },
}

Addons

There is also a special set of utilities and extensions that can be used to make the setup process easier.

This example installs cert-manager, adds a lets-encrypt issuer and a ssl-protected ingress-rule:

local k = (import 'k.libsonnet');
local ingress = k.networking.v1.ingress;

(import 'cloudflight-libsonnet/infrastructure/cert-manager/cert-manager.libsonnet')
+ {
  issuer: k.util.certmanager.issuer.new('admin@example.com'),
  ingress: ingress.new('test.example.com') + ingress.withCertMixin($.issuer),
}