Wildcard Certificates with Traefik + cert-manager + Let's Encrypt in Kubernetes Tutorial

wildcard-certificates-with-traefik-lets-encrypt.md

Wildcard Certificates with Traefik + cert-manager + Let's Encrypt in Kubernetes Tutorial

Using Traefik, cert-manager, Cloudflare, and Let’s Encrypt to secure your services with certificates in Kubernetes.

*You can find all of the resources for this tutorial here

git clone https://github.com/dmancloud/traefik-cert-manager.git

Install Helm v3

Additional Information - https://helm.sh/docs/intro/install/

curl https://baltocdn.com/helm/signing.asc | gpg --dearmor | sudo tee /usr/share/keyrings/helm.gpg > /dev/null
sudo apt-get install apt-transport-https --yes
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/helm.gpg] https://baltocdn.com/helm/stable/debian/ all main" | sudo tee /etc/apt/sources.list.d/helm-stable-debian.list
sudo apt-get update
sudo apt-get install helm

Install Traefik

helm repo add traefik https://helm.traefik.io/traefik
helm repo update
kubectl create namespace traefik
kubectl get namespaces
helm install --namespace=traefik traefik traefik/traefik --values=values.yaml
kubectl get svc --all-namespaces -o wide

Apply Middleware (Default Headers)

cd traefik
kubectl apply -f default-headers.yaml
kubectl get middleware

Install cert-manager

kubectl create namespace cert-manager
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.9.1/cert-manager.crds.yaml
helm install cert-manager jetstack/cert-manager --namespace cert-manager --values=values.yaml

Create Cloudflare Secret

kubectl apply -f secret-cf-token.yaml

Create Staging ClusterIssuer

kubectl apply -f letsencrypt-staging.yaml

Create Staging Certificates

kubectl apply -f local-example-com.yaml

Testing Staging Certificate With A Sample Nginx Workload

kubectl apply -f deployment.yaml
kubectl apply -f service.yaml
kubectl apply -f ingress.yaml