Kubernetes Certificate Manager
This project is loosely based on https://github.com/kelseyhightower/kube-cert-manager It took over most of its documentation, license, as well as the general approach to how things work.
The code itself however, was entirely reimplemented to use xenolf/lego as the basis instead of reimplemented an ACME client + dns plugins
- Manage Kubernetes TLS secrets backed by Let's Encrypt issued certificates.
- Manage Let's Encrypt issued certificates based on Kubernetes ThirdParty Resources.
- Manage Let's Encrypt issued certificates based on Kubernetes Ingress Resources.
- Domain validation using ACME HTTP-01, SNI-TLS-01 or DNS-01 challenges.
- Support for multiple challenge providers.
- Demonstrate how to build custom Kubernetes controllers.
- Demonstrate how to use Kubernetes Third Party Resources.
- Demonstrate how to interact with the Kubernetes API (watches, reconciliation, etc).
- Demonstrate how to write great documentation for Kubernetes add-ons and extensions.
- Promote the usage of Let's Encrypt for securing web applications running on Kubernetes.
- Kubernetes 1.3+
- At least one configured challenge provider
- A Kubectl with the same 1.x version as your cluster (ie. kubectl 1.3.x for a 1.3 cluster, and kubectl 1.4.x for a 1.4 cluster)
- Deployment Guide
- Creating a Certificate
- Deleting a Certificate
- Consuming Certificates
- Managing Certificates for Ingress Resources
- Garbage Collection of Secrets
- Secure Deployment using RBAC