Cert-Manager configuration reference for Lokomotive

    Introduction

    cert-manager is a Kubernetes service that provisions TLS certificates from Let’s Encrypt and other certificate authorities and manages their lifecycles.

    Prerequisites

    • A Lokomotive cluster accessible via kubectl.

    Configuration

    If you run a cluster enable_aggregation set to false, make sure you disable the webhooks feature, which will not work without aggregation enabled.

    cert-manager component configuration example:

    component "cert-manager" {
      email = "[email protected]"
      namespace = "cert-manager"
      webhooks = false
    }
    

    Attribute reference

    Table of all the arguments accepted by the component.

    Argument Description Default Type Required
    email Email used for certificates to receive expiry notifications. - string true
    namespace Namespace to deploy the cert-manager into. cert-manager string false
    webhooks Controls if webhooks should be deployed. true bool false
    service_monitor Specifies how metrics can be retrieved from a set of services. false bool false

    Applying

    To apply the cert-manager component:

    lokoctl component apply cert-manager
    

    Deleting

    To destroy the component:

    lokoctl component delete cert-manager --delete-namespace