CertManager
CertManager is an extensible X.509 certificate controller for Kubernetes workloads. It creates TLS certificates for workloads and renews them before they expire.
The cert-manager role performs various tasks related to Helm chart deployment, reset, and validation.
Role deployments are performed at global level, using the Provisioning playbook. Upgrades can be performed at role level — see the instructions detailed below.
Role Tasks
See the related role tasks listed below.
Facts
Ansible facts — see facts.yaml for details.
Main
Main role related tasks — see main.yaml for details.
Post-Install
Post-install related tasks — see postinstall.yaml for details.
Reset
Reset related tasks — see reset.yaml for details.
A reset is performed at global level only — review the Reset playbook instructions.
Upgrade
Upgrade related tasks — see upgrade.yaml for details. Run the following command to perform a role upgrade:
ansible-playbook --ask-vault-pass --tags=cert-manager upgrade.yamlValidation
Validation related tasks — see validation.yaml for details. Run the following command to perform all role related validation tasks:
ansible-playbook --ask-vault-pass --tags=cert-manager validation.yamlRole Templates
See the related role templates listed below.
Perform a role validation to visualize all rendered templates and variables.
Helm Chart
Helm chart values template — see values.j2 for details.
Cluster Issuer
Kubernetes ClusterIssuer resource template — see cluster_issuer.j2 for details.
Configuration
- Controller — Helm chart values template used for controller configuration, see
config_controller.j2for details.
Role Variables
A role upgrade is required in order to apply any changes related to role variables.
See the related role variables, defined in the main.yaml defaults file. Review the README.md file for additional details.
Use Renovate to automate release pull requests and keep dependencies up-to-date.