diff --git a/README.md b/README.md index 88236a18a342ebe959a3c2ed2989e28a24122dbf..72b1676d25bb8cb862b8b07a97f24aeef2c5539f 100644 --- a/README.md +++ b/README.md @@ -85,3 +85,49 @@ EOF # Default setup for istio kubectl get svc -n istio-system kubectl get pods -n istio-system ``` + +7. Cert Manager (on mgmt) + +``` +kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.3.1/cert-manager.yaml +``` + +Setup letsencrypt issuer +``` +kubectl apply -f - <<EOF +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + name: letsencrypt-issuer + namespace: istio-system +spec: + acme: + email: rlacko99@gmail.com + server: https://acme-v02.api.letsencrypt.org/directory + privateKeySecretRef: + name: letsencrypt-issuer-account-key + solvers: + - http01: + ingress: + class: istio +EOF +``` + +Test it + +``` +kubectl apply -f - <<EOF +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: hello-cert + namespace: istio-system +spec: + secretName: hello-cert + issuerRef: + name: letsencrypt-issuer + commonName: hello.maze.sch.bme.hu + dnsNames: + - hello.maze.sch.bme.hu +EOF +```