CertManager

CertManager is an extensible X.509 certificate controller for Kubernetes workloads. It creates TLS certificates for workloads and renews them before they expire.

The cert-manager role performs various tasks related to Helm chart deployment, reset and validation.

Tip

Role deployments are performed at global level, using the Provisioning playbook. Upgrades can be performed at role level, see the instructions detailed below.

Role Tasks

See the related role tasks, listed below.

Facts

Ansible facts, see facts.yaml for details.

Main

Main role related tasks, see main.yaml for details.

Post-Install

Post-install related tasks, see postinstall.yaml for details.

Reset

Reset related tasks, see reset.yaml for details.

Tip

A reset is performed at global level only, review the Reset playbook instructions.

Upgrade

Upgrade related tasks, see upgrade.yaml for details. Run the following command, to perform a role upgrade:

ansible-playbook --ask-vault-pass --tags=cert-manager upgrade.yaml

Validation

Validation related tasks, see validation.yaml for details. Run the following command, to perform all role related validation tasks:

ansible-playbook --ask-vault-pass --tags=cert-manager,validation validation.yaml

Role Templates

See the related role templates, listed below.

Tip

Perform a role validation, to visualize all rendered templates and variables.

Helm Chart

Helm chart values template, see values.j2 for details.

Cluster Issuer

Kubernetes ClusterIssuer resource template, see cluster_issuer.j2 for details.

Role Variables

Important

A role upgrade is required, in order to apply any changes related to role variables.

See the related role variables, defined into main.yaml defaults file. Review the README.md file, for additional details.

Tip

Use Renovate to automate release pull requests and keep dependencies up-to-date.

Support

If you encounter any role related problems or want to request a new feature, feel free to open an issue. For general questions or feedback, please use the discussions.