cat << EOF > test-resources.yaml
apiVersion: v1
kind: Namespace
metadata:
name: cert-manager-test
---
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: test-selfsigned
namespace: cert-manager-test
spec:
selfSigned: {}
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: selfsigned-cert
namespace: cert-manager-test
spec:
dnsNames:
- example.com
secretName: selfsigned-cert-tls
issuerRef:
name: test-selfsigned
EOF
cert-manager. Проверка после установки
Использованные материалы
|
1. Выпуск тестового сертификата
-
Создайте манифест для выпуска тестового сертификата:
-
Примените созданный манифест:
kubectl apply -f test-resources.yaml
-
Проверьте наличие успешно выданного сертификата ("The certificate has been successfully issued"):
kubectl describe certificate -n cert-manager-test
stdout:Name: selfsigned-cert Namespace: cert-manager-test Labels: <none> Annotations: <none> API Version: cert-manager.io/v1 Kind: Certificate Metadata: Creation Timestamp: 2024-05-27T11:06:43Z Generation: 1 Resource Version: 83250398 UID: dc1e894c-dc9f-4ded-96a2-03aae1a5bdb6 Spec: Dns Names: example.com Issuer Ref: Name: test-selfsigned Secret Name: selfsigned-cert-tls Status: Conditions: Last Transition Time: 2024-05-27T11:06:46Z Message: Certificate is up to date and has not expired Observed Generation: 1 Reason: Ready Status: True Type: Ready Not After: 2024-08-25T11:06:46Z Not Before: 2024-05-27T11:06:46Z Renewal Time: 2024-07-26T11:06:46Z Revision: 1 Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal Issuing 14s cert-manager-certificates-trigger Issuing certificate as Secret does not exist Normal Generated 12s cert-manager-certificates-key-manager Stored new private key in temporary Secret resource "selfsigned-cert-xjh9s" Normal Requested 12s cert-manager-certificates-request-manager Created new CertificateRequest resource "selfsigned-cert-1" Normal Issuing 11s cert-manager-certificates-issuing The certificate has been successfully issued
-
Удалите ранее созданные ресурсы:
kubectl delete -f test-resources.yaml
stdout:namespace "cert-manager-test" deleted issuer.cert-manager.io "test-selfsigned" deleted certificate.cert-manager.io "selfsigned-cert" deleted