@tamalsaha
Last active March 3, 2023 19:37
Redis TLS with KubeDB

# issuer.yaml
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
  name: redis-issuer
  namespace: demo
spec:
  ca:
    secretName: redis-ca

# redis-tls.yaml
apiVersion: kubedb.com/v1alpha2
kind: Redis
metadata:
  name: redis-tls
spec:
  version: 6.0.6
  storageType: Ephemeral
  storage:
    storageClassName: "standard"
    accessModes:
    - ReadWriteOnce
  podTemplate:
    spec:
      resources:
        requests:
          memory: "64Mi"
          cpu: "125m"
        limits:
          memory: "128Mi"
          cpu: "250m"
  terminationPolicy: WipeOut
  # Server and client certificates are requested from the CA-backed Issuer in issuer.yaml.
  tls:
    issuerRef:
      apiGroup: cert-manager.io
      kind: Issuer
      name: redis-issuer

helm install kubedb appscode/kubedb \
    --version v2021.06.23 \
    --namespace kubedb --create-namespace \
    --set-file global.license=./kubedb-enterprise-license-291590ab-824e-4fe0-a1a3-c4e7af3db3a3.txt \
    --set kubedb-enterprise.enabled=true \
    --set kubedb-autoscaler.enabled=true

kubectl apply -f https://github.com/jetstack/cert-manager/releases/latest/download/cert-manager.yaml

$ openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout ./ca.key -out ./ca.crt
Generating a RSA private key
..........................................................................+++++
..................+++++
writing new private key to './ca.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:
Email Address []:
$ kubectl create ns demo
namespace/demo created
$ kubectl create secret tls redis-ca      --cert=ca.crt      --key=ca.key      --namespace=demo
secret/redis-ca created
$ kubectl apply -f issuer.yaml -n demo
issuer.cert-manager.io/redis-issuer created
$ kubectl apply -f redis-tls.yaml -n demo
redis.kubedb.com/redis-tls created
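
A pre-flight check for the `ca.crt`/`ca.key` pair generated above, to run before `kubectl create secret tls redis-ca`. This is an added example, not part of the original gist; the function names `check_ca_pair` and `make_sample_cert`, the `--demo` flag and the 30-day minimum validity are assumptions chosen for illustration.

```shell
#!/usr/bin/env bash
# Added example: pre-flight check of ca.crt/ca.key before they go into the redis-ca secret.

# check_ca_pair CRT KEY [MIN_DAYS]: status 0 only if the pair is usable as an issuing CA.
check_ca_pair() {
  local crt="$1" key="$2" min_days="${3:-30}" crt_pub key_pub  # 30 days is an assumed default

  # The Issuer signs Redis certificates with this pair, so the cert must assert CA:TRUE.
  openssl x509 -in "$crt" -noout -text | grep -q 'CA:TRUE' \
    || { echo "FAIL: $crt is unreadable or lacks basicConstraints CA:TRUE"; return 1; }

  # The certificate's public key must be the one derived from the private key.
  crt_pub=$(openssl x509 -in "$crt" -noout -pubkey) || return 1
  key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null) \
    || { echo "FAIL: cannot read private key $key"; return 1; }
  [ "$crt_pub" = "$key_pub" ] || { echo "FAIL: $key does not match $crt"; return 1; }

  # -checkend exits non-zero when the certificate expires within the given seconds.
  openssl x509 -in "$crt" -noout -checkend "$((min_days * 86400))" >/dev/null \
    || { echo "FAIL: $crt expires within $min_days days"; return 1; }

  echo "OK: $crt is a CA, matches $key, valid for more than $min_days days"
}

# make_sample_cert DIR NAME TRUE|FALSE DAYS: writes DIR/NAME.crt and DIR/NAME.key.
# Constructed sample input only: throwaway self-signed certs, generated non-interactively.
make_sample_cert() {
  local dir="$1" name="$2" is_ca="$3" days="$4"
  printf '%s\n' '[req]' 'distinguished_name = dn' 'x509_extensions = v3' 'prompt = no' \
    '[dn]' "CN = $name" '[v3]' "basicConstraints = critical,CA:$is_ca" > "$dir/$name.cnf"
  openssl req -x509 -nodes -days "$days" -newkey rsa:2048 -config "$dir/$name.cnf" \
    -keyout "$dir/$name.key" -out "$dir/$name.crt" 2>/dev/null
}

# Demo on constructed certificates only.
demo() {
  local dir; dir=$(mktemp -d)
  make_sample_cert "$dir" good TRUE 365 && make_sample_cert "$dir" leaf FALSE 365
  check_ca_pair "$dir/good.crt" "$dir/good.key"   # passes
  check_ca_pair "$dir/leaf.crt" "$dir/leaf.key"   # fails: not a CA
  check_ca_pair "$dir/good.crt" "$dir/leaf.key"   # fails: key mismatch
  rm -rf "$dir"
}

case "${1:-}" in
  --demo) demo ;;
  "") ;;
  *) check_ca_pair "$@" ;;   # e.g. ./check.sh ./ca.crt ./ca.key
esac
```

Because `ca.key` is written with `-nodes` (unencrypted), it is also worth restricting its file permissions and removing the local copy once the secret exists.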