Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
karavi obs cert-manager certificates
spec:
template:
spec:
volumes:
- name: karavi-topology-secret-volume
secret:
secretName: karavi-topology-tls
# secretName: tls-secret
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: otel-collector
namespace: karavi
spec:
# Secret names are always required.
secretName: otel-collector-tls
duration: 2160h # 90d
renewBefore: 360h # 15d
subject:
organizations:
- dellemc
isCA: false
privateKey:
algorithm: RSA
encoding: PKCS1
size: 2048
usages:
- server auth
- client auth
# At least one of a DNS Name, URI, or IP address is required.
dnsNames:
- otel-collector
- otel-collector.karavi.svc.kubernetes.local
# Issuer references are always required.
issuerRef:
name: selfsigned-issuer
kind: Issuer
group: cert-manager.io
spec:
template:
spec:
volumes:
- name: tls-secret
secret:
secretName: otel-collector-tls
# secretName: tls-secret
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: selfsigned-issuer
namespace: karavi
spec:
selfSigned: {}
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: karavi-topology
namespace: karavi
spec:
# Secret names are always required.
secretName: karavi-topology-tls
duration: 2160h # 90d
renewBefore: 360h # 15d
subject:
organizations:
- dellemc
isCA: false
privateKey:
algorithm: RSA
encoding: PKCS1
size: 2048
usages:
- server auth
- client auth
# At least one of a DNS Name, URI, or IP address is required.
dnsNames:
- karavi-topology
- karavi-topology.karavi.svc.kubernetes.local
# Issuer references are always required.
issuerRef:
name: selfsigned-issuer
kind: Issuer
group: cert-manager.io
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment