lvnilesh/writeup

## writeup
https://docs.cert-manager.io/en/latest/getting-started/install/kubernetes.html


k create clusterrolebinding cluster-admin-binding \
  --clusterrole=cluster-admin \
  --user=$(gcloud config get-value core/account)


# Install the CustomResourceDefinition resources separately

kubectl apply --validate=false -f https://raw.githubusercontent.com/jetstack/cert-manager/release-0.11/deploy/manifests/00-crds.yaml

# Create the namespace for cert-manager

kubectl create namespace cert-manager

# Add the Jetstack Helm repository

helm repo add jetstack https://charts.jetstack.io

# Update your local Helm chart repository cache

helm repo update

# Install the cert-manager Helm chart

helm install \
      --name cm \
      --namespace cert-manager \
      --version v0.11.0 \
      jetstack/cert-manager

kubectl get pods --namespace cert-manager


# Create a ClusterIssuer to test the webhook works okay

cat <<EOF > test-resources.yaml
apiVersion: v1
kind: Namespace
metadata:
  name: cert-manager-test
---
apiVersion: cert-manager.io/v1alpha2
kind: Issuer
metadata:
  name: test-selfsigned
  namespace: cert-manager-test
spec:
  selfSigned: {}
---
apiVersion: cert-manager.io/v1alpha2
kind: Certificate
metadata:
  name: selfsigned-cert
  namespace: cert-manager-test
spec:
  commonName: example.com
  secretName: selfsigned-cert-tls
  issuerRef:
    name: test-selfsigned
EOF


# Create the test resources
kubectl apply -f test-resources.yaml

kubectl describe certificate -n cert-manager-test

kubectl delete -f test-resources.yaml
	https://docs.cert-manager.io/en/latest/getting-started/install/kubernetes.html


	k create clusterrolebinding cluster-admin-binding \
	--clusterrole=cluster-admin \
	--user=$(gcloud config get-value core/account)



	# Install the CustomResourceDefinition resources separately

	kubectl apply --validate=false -f https://raw.githubusercontent.com/jetstack/cert-manager/release-0.11/deploy/manifests/00-crds.yaml

	# Create the namespace for cert-manager

	kubectl create namespace cert-manager

	# Add the Jetstack Helm repository

	helm repo add jetstack https://charts.jetstack.io

	# Update your local Helm chart repository cache

	helm repo update

	# Install the cert-manager Helm chart

	helm install \
	--name cm \
	--namespace cert-manager \
	--version v0.11.0 \
	jetstack/cert-manager

	kubectl get pods --namespace cert-manager


	# Create a ClusterIssuer to test the webhook works okay

	cat <<EOF > test-resources.yaml
	apiVersion: v1
	kind: Namespace
	metadata:
	name: cert-manager-test
	---
	apiVersion: cert-manager.io/v1alpha2
	kind: Issuer
	metadata:
	name: test-selfsigned
	namespace: cert-manager-test
	spec:
	selfSigned: {}
	---
	apiVersion: cert-manager.io/v1alpha2
	kind: Certificate
	metadata:
	name: selfsigned-cert
	namespace: cert-manager-test
	spec:
	commonName: example.com
	secretName: selfsigned-cert-tls
	issuerRef:
	name: test-selfsigned
	EOF



	# Create the test resources
	kubectl apply -f test-resources.yaml

	kubectl describe certificate -n cert-manager-test

	kubectl delete -f test-resources.yaml