Cert-Manager configuration reference for Lokomotive


cert-manager is a Kubernetes service that provisions TLS certificates from Let’s Encrypt and other certificate authorities and manages their lifecycles.


  • A Lokomotive cluster accessible via kubectl.


If you run a cluster enable_aggregation set to false, make sure you disable the webhooks feature, which will not work without aggregation enabled.

cert-manager component configuration example:

component "cert-manager" {
  email = "[email protected]"
  namespace = "cert-manager"
  webhooks = false

Attribute reference

Table of all the arguments accepted by the component.

Argument Description Default Type Required
email Email used for certificates to receive expiry notifications. - string true
namespace Namespace to deploy the cert-manager into. cert-manager string false
webhooks Controls if webhooks should be deployed. true bool false
service_monitor Specifies how metrics can be retrieved from a set of services. false bool false


To apply the cert-manager component:

lokoctl component apply cert-manager


To destroy the component:

lokoctl component delete cert-manager --delete-namespace