cert‐manager
To test cert-manager with MinIO in k8s
- https://github.com/minio/operator/blob/master/docs/cert-manager.md
- https://cert-manager.io/docs/installation/
- https://stackoverflow.com/questions/53536907/kubectl-wait-for-condition-complete-timeout-30s
- https://stackoverflow.com/questions/71384532/kubernetes-wait-for-secret-to-be-created
- Create cluster:
createcluster ingress- Install
cert-manager:
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.13.2/cert-manager.yaml
echo "Wait until cert-manager pods are running:"
kubectl wait -n cert-manager --for=condition=ready pod -l app=cert-manager --timeout=120s
kubectl wait -n cert-manager --for=condition=ready pod -l app=cainjector --timeout=120s
kubectl wait -n cert-manager --for=condition=ready pod -l app=webhook --timeout=120s- Install Operator
installoperator ingress- Install Tenant with cert-manager: https://github.com/minio/operator/tree/master/examples/kustomization/tenant-certmanager
kustomize build github.com/minio/operator/examples/kustomization/tenant-lite\?ref\=v5.0.10 > /Users/cniackz/bash-config/config-files/kustomize/Tenant/kustomize-tenant-5-0-10.yaml
k apply -f /Users/cniackz/bash-config/config-files/kustomize/Tenant/kustomize-tenant-cert-manager-5-0-10.yamlOR
kubectl apply -k github.com/minio/operator/examples/kustomization/tenant-certmanagerkubectl get secrets -n tenant-certmanager tenant-certmanager-tls -o=jsonpath='{.data.ca\.crt}' | base64 -d > public.crt
kubectl create secret generic operator-ca-tls --from-file=public.crt -n minio-operator
kubectl rollout restart deployment.apps/minio-operator -n minio-operator
https://github.com/minio/operator/issues/1839
