Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/PalmStoneGames/kube-cert-manager

Manage Lets Encrypt certificates for a Kubernetes cluster.
https://github.com/PalmStoneGames/kube-cert-manager

certificate kubernetes letsencrypt tls

Last synced: 2 months ago
JSON representation

Manage Lets Encrypt certificates for a Kubernetes cluster.

Awesome Lists containing this project

README 

        
# Kubernetes Certificate Manager



## Deprecation notice: This project is deprecated in favor of [cert-manager](https://github.com/jetstack/cert-manager)



This project is loosely based on https://github.com/kelseyhightower/kube-cert-manager

It took over most of its documentation, license, as well as the general approach to how things work.



The code itself however, was entirely reimplemented to use xenolf/lego as the basis, instead of reimplementing an ACME client and DNS plugins.



## Version



Please note: This is the documentation for the currently in development version of kcm, please refer to [v0.4.0](https://github.com/PalmStoneGames/kube-cert-manager/tree/v0.4.0) for documentation for the latest stable version



## Special note for upgrading from earlier versions



If you are upgrading from a version before 0.5.0 then note that the default way to identify Ingress resources

to be managed by the certificate manager has changed, from the `enabled` annotation, to the `class` label.

[Backwards compatible behaviour is available](docs/ingress.md) by setting the `-class` [argument](docs/deployment-arguments.md) to a blank value.



## Features



* Manage Kubernetes TLS secrets backed by Let's Encrypt issued certificates.

* Manage [Let's Encrypt](https://letsencrypt.org) issued certificates based on Kubernetes ThirdParty Resources.

* Manage [Let's Encrypt](https://letsencrypt.org) issued certificates based on Kubernetes Ingress Resources.

* Domain validation using ACME HTTP-01, SNI-TLS-01 or DNS-01 challenges.

* Support for multiple challenge providers.

* Support for subject alternative names in requested certificates.



## Project Goals



* Demonstrate how to build custom Kubernetes controllers.

* Demonstrate how to use Kubernetes [Custom Resource Definitions](https://kubernetes.io/docs/concepts/api-extension/custom-resources/).

* Demonstrate how to interact with the Kubernetes API (watches, reconciliation, etc).

* Demonstrate how to write great documentation for Kubernetes add-ons and extensions.

* Promote the usage of Let's Encrypt for securing web applications running on Kubernetes.



## Requirements



* Kubernetes 1.7+

* At least one configured [challenge provider](docs/providers.md)



## Usage



* [Deployment Guide](docs/deployment-guide.md)

* [Creating a Certificate](docs/create-a-certificate.md)

* [Deleting a Certificate](docs/delete-a-certificate.md)

* [Consuming Certificates](docs/consume-certificates.md)

- [Managing Certificates for Ingress Resources](docs/ingress.md)

- [Garbage Collection of Secrets](docs/garbage-collection.md)

* [Secure Deployment using RBAC](docs/secure-deployment.md)



## Documentation



* [Deployment Arguments](docs/deployment-arguments.md)

* [Certificate Custom Resource Definitions](docs/certificate-custom-resource.md)

* [Certificate Resources](docs/certificate-resources.md)

* [Challenge Providers](docs/providers.md)

* [Building Container Image with AWS CodeBuild](codebuild/README.md)