Add support for TLS with cert-manager

Question

Add support for TLS with cert-manager

andrestc opened this issue 6 years ago · 4 comments

We added support for nginx + tls using kube-lego and its annotations in #11. Kube-lego is now deprecated and only supported in Kubernetes up to 1.8.x. We should add support for tls using cert-manager, which is the official replacement for kube-lego: https://github.com/jetstack/cert-manager/.

Answer 1 · 2018-05-08T10:11:39.000Z

I've updated to cert-manager and update nginx-ingress (which already supports cert-manager).
The annotations are still the same for it:
kubernetes.io/tls-acme: true

But the point is that we have a few new annotations that can be used (besides the basic):

https://github.com/jetstack/cert-manager/blob/62c2fd8df9a8c8eaddd193fbfcd82269dc6836fe/docs/reference/ingress-shim.rst

I would say that certmanager.k8s.io/issuer and certmanager.k8s.io/cluster-issuer are nice ones to have handled by kubernetes-router.

Answer 2 · 2018-05-08T12:32:07.000Z

Actually you can assign to me. =)

Answer 3 · 2018-05-08T14:04:39.000Z

Look good. Maybe we can support receiving these as custom router options as well.

Answer 4 · 2018-05-08T14:08:25.000Z

Sure, I will create a PR soon.