karavi obs cert-manager certificates

karavi-topology-cert_manager.patch

spec:
  template:
    spec:
      volumes:
      - name: karavi-topology-secret-volume
        secret:
          secretName: karavi-topology-tls
#          secretName: tls-secret

otel-cert-manager.yaml

apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: otel-collector
  namespace: karavi
spec:
  # Secret names are always required.
  secretName: otel-collector-tls
  duration: 2160h # 90d
  renewBefore: 360h # 15d
  subject:
    organizations:
    - dellemc
  isCA: false
  privateKey:
    algorithm: RSA
    encoding: PKCS1
    size: 2048
  usages:
    - server auth
    - client auth
  # At least one of a DNS Name, URI, or IP address is required.
  dnsNames:
  - otel-collector
  - otel-collector.karavi.svc.kubernetes.local
  # Issuer references are always required.
  issuerRef:
    name: selfsigned-issuer
    kind: Issuer
    group: cert-manager.io

otel-cert_manager.patch

spec:
  template:
    spec:
      volumes:
      - name: tls-secret
        secret:
          secretName: otel-collector-tls
#          secretName: tls-secret

self_signed_cert-manager.yaml

apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
  name: selfsigned-issuer
  namespace: karavi
spec:
  selfSigned: {}

topology-cert-manager.yaml

apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: karavi-topology
  namespace: karavi
spec:
  # Secret names are always required.
  secretName: karavi-topology-tls
  duration: 2160h # 90d
  renewBefore: 360h # 15d
  subject:
    organizations:
    - dellemc
  isCA: false
  privateKey:
    algorithm: RSA
    encoding: PKCS1
    size: 2048
  usages:
    - server auth
    - client auth
  # At least one of a DNS Name, URI, or IP address is required.
  dnsNames:
  - karavi-topology
  - karavi-topology.karavi.svc.kubernetes.local
  # Issuer references are always required.
  issuerRef:
    name: selfsigned-issuer
    kind: Issuer
    group: cert-manager.io