To interact with your cluster externally, you'll almost certainly be using a web browser, and you'll almost certainly be wanting your browsing session to be SSL-secured. Some Ingress Controllers (i.e. Traefik) will include a default, self-signed, nasty old cert which will permit you to use SSL, but it's faaaar better to use valid certs.
This is a companion discussion topic for the original entry at https://geek-cookbook.funkypenguin.co.nz/kubernetes/ssl-certificates/cert-manager/
Thanks for this, there’s a display error with the last yaml file on the site but I managed to figure it out.
Unfortuntely for me, it just won’t deploy, I think it’s to do with the configmap-cert-manager-helm-chart-value-overrides.yaml file. I’ve copied the values in, but I get a security context error upon deployment.
Sorry about the delayed response - can you paste the error you get?
I’m loving these articles on Flux it has opened up a whole new way of working with K8s and k3s for me thanks.
However I am really struggling with turning values.yaml into configmaps. I needed several attempts with external-dns before I got things working.
I have now helm uninstalled cert-manager from my test cluster and I am trying to migrate to a flux based setup. Flux is telling me:
cert-manager helmrelease/cert-manager False False unable to read values from key ‘values.yaml’ in ConfigMap ‘cert-manager/cert-manager-helm-chart-value-overrides’: error converting YAML to JSON: yaml: line 230: did not find expected key
I have been using yamllint to check my yaml files but I cannot for the life of me find the problem with cert-manager ConfigMaps.
I can view the ConfigMaps that flux has created with lens. Line 230 according to lens is the annotations: {}, I simply took the raw GitHub of values.yaml for the helm chart and pasted it in to your template:
service:
## @param service.type Sealed Secret service type
##
type: ClusterIP
## @param service.port Sealed Secret service HTTP port
##
port: 8080
## @param service.nodePort Node port for HTTP
## Specify the nodePort value for the LoadBalancer and NodePort service types
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
## NOTE: choose port between <30000-32767>
##
nodePort: ""
## @param service.annotations [object] Additional custom annotations for Sealed Secret service
##
annotations: {}
## Sealed Secret ingress parameters
## ref: http://kubernetes.io/docs/user-guide/ingress/
##
ingress:
Is there an easy way to insert values.yaml into a ConfigMap for this to work?