feat: cert manager integration

- fixing links and doc structure
- adding more details about cert manager integration

Signed-off-by: Piotr Zaniewski <[email protected]>

vcluster/_fragments/integrations/cert-manager.mdx

@@ -1,41 +1,60 @@
+
+import Flow, { Step } from '@site/src/components/Flow'
+import NavStep from '@site/src/components/NavStep'
+import Button from '@site/src/components/Button'
+import Label from '@site/src/components/Label'
+import Field from '@site/src/components/Field'
+
+import CertManagerPartial from '../../_partials/config/integrations/certManager.mdx';
+
+import BasePrerequisites from '../../../platform/_partials/install/base-prerequisites.mdx';
+
 import CodeBlock from '@theme/CodeBlock';
 
 import Deploy from '../../_partials/deploy/deploy.mdx'
+
 import ProAdmonition from '../../_partials/admonitions/pro-admonition.mdx'
-import MetricsServer from '../../_partials/config/integrations/certManager.mdx'  
 
 <ProAdmonition/>
 
 ### Prerequisites
-This guide assumes you have the following prerequisites:
-- `kubectl` installed
+
+<BasePrerequisites />
+
 - `cert-manager` operator installed on your host cluster. See instructions at https://cert-manager.io
-<br></br>
 
-# Certificate Manager Integration
+## Cert manager integration
 
 To enable the cert-manager integration, set the following fields as shown below:
 
-```yaml
+
+```yaml title="Enable cert-manager integration"
 integrations:
   certManager:
     enabled: true
 ```
 
-This will enable the integration, import cluster scoped ClusterIssuers from the host cluster into the virtual cluster and export namespaced Issuers and Certificates from the virtual cluster into the host cluster.
+This configuration enables the integration, imports cluster-scoped ClusterIssuers from the host cluster into the virtual cluster, and exports namespaced Issuers and Certificates from the virtual cluster into the host cluster.
+
+<Flow id="cert-manager-integration">
+ <Step>
 
-Once that the virtual cluster is up and running, you can create a Issuer and Certificate inside the virtual cluster. For the purpose of this guide, we will use a `letsencrypt-staging` issuer.
+  Create the Issuer
 
-```yaml
+Create a <Label>file</Label> named `issuer.yaml` with the following content:
+
+```yaml title="ClusterIssuer configuration"
 apiVersion: cert-manager.io/v1
 kind: ClusterIssuer
 metadata:
   name: letsencrypt-staging
 spec:
   acme:
-    # You must replace this email address with your own.
+    # highlight-start
+    # Replace this email address with your own.
     # Let's Encrypt will use this to contact you about expiring
     # certificates, and issues related to your account.
+    # highlight-end
     email: [email protected]
     server: https://acme-staging-v02.api.letsencrypt.org/directory
     privateKeySecretRef:
@@ -46,14 +65,34 @@ spec:
     - http01:
         ingress:
           ingressClassName: nginx
+```
 
+</Step>
+<Step>
+Apply the Issuer configuration:
+
+```bash title="Apply the Issuer configuration"
+kubectl apply -f issuer.yaml
 ```
+:::note
+This creates a corresponding Issuer in the host cluster.
+:::
+
+</Step>
+<Step>
 
+Create and apply Issuer and Certificate
 
+After the virtual cluster is running, create an Issuer and Certificate inside the virtual cluster. This guide uses a `letsencrypt-staging` issuer for demonstration purposes.
 
-Inside the virtual cluster, create the store with `kubectl apply -f issuer.yaml`. This should create a corresponding Issuer in the host cluster. You can then observe the status of the Issuer in the virtual cluster, and create a Certificate object.
+</Step>
 
-```yaml
+<Step>
+Create the Certificate
+
+Create a file named `certificate.yaml` with the following content:
+
+```yaml title="Certificate configuration"
 apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
@@ -71,10 +110,89 @@ spec:
   - digital signature
   - key encipherment
 ```
+</Step>
+<Step>
+Apply the Certificate configuration:
+
+```bash title="Apply the Certificate configuration"
+kubectl apply -f certificate.yaml
+```
+
+:::tip
+After the certificate is created in the virtual cluster, the integration syncs the created secret back to the virtual cluster after the cert-manager operator creates it in the host cluster.
+:::
+
+</Step>
+</Flow>
+
+## Verify the integration
+
+<Flow id="verify-integration">
+  <Step>
+Check the status of the Issuer:
+
+   ```bash title="Check Issuer status"
+   kubectl describe clusterissuer letsencrypt-staging
+   ```
+  </Step>
+
+  <Step>
+Check the status of the Certificate:
+
+   ```bash title="Check Certificate status"
+   kubectl describe certificate quickstart-example-tls
+   ```
+  </Step>
+  <Step>
+Verify that the secret containing the certificate has been created:
+
+   ```bash title="Verify secret creation"
+   kubectl get secret quickstart-example-tls
+   ```
+  </Step>
+</Flow>
+
+
+## Using the certificate in an application
+
+To use the created certificate in an application, reference the secret in your Ingress resource:
+
+```yaml title="Example Ingress using the certificate"
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: example-ingress
+  annotations:
+    kubernetes.io/ingress.class: nginx
+spec:
+  tls:
+  - hosts:
+    - example.example.com
+    secretName: quickstart-example-tls
+  rules:
+  - host: example.example.com
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: example-service
+            port:
+              number: 80
+```
+
+## Troubleshooting
+
+If you encounter issues with the cert-manager integration, consider the following:
 
-Once that certificate is created in the virtual cluster, the integration will sync the created secret back to the virtual cluster after the cert-manager operator creates it in the host cluster, and the certificate is ready to use.
+- Ensure that cert-manager is properly installed and running in the host cluster.
+- Check the cert-manager logs in the host cluster for any error messages.
+- Verify that the Issuer and Certificate resources are correctly configured.
+- Ensure that the virtual cluster has the necessary permissions to create and manage certificates.
 
+For more detailed troubleshooting, refer to the [cert-manager troubleshooting guide](https://cert-manager.io/docs/troubleshooting/).
 
-### Config Reference
+## Config reference
 
-<CertManager />
+<CertManagerPartial />

vcluster/_partials/config/integrations/certManager.mdx

@@ -0,0 +1,3 @@
+
+
+

vcluster/integrations/certmanager/certManager.mdx

@@ -0,0 +1,10 @@
+---
+title: "Cert Manager"
+sidebar_label: "Cert Manager"
+sidebar_class_name: pro
+sidebar_position: 2
+---
+
+import CertManager from '../../_fragments/integrations/cert-manager.mdx'
+
+<CertManager />