Updating Helm chart to support GCP cert provider for TLS #8457
Labels
type/enhancement
The enhancements for the existing features or docs. e.g. reduce memory usage of the delayed messages
Comments
devinbost
added
the
type/enhancement
|
@devinbost Is it better to move this issue to https://github.com/apache/pulsar-helm-chart/issues? We have moved all helm charts to https://github.com/apache/pulsar-helm-chart/issues |
|
@codelipenghui Noted. I linked the issue, and I'll close it here. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
In most production environments, using self-signed certs is not acceptable for TLS. Certs are expected to be backed by a CA for security reasons. It appears that the Pulsar Helm charts currently only support self-signed certificates.
The doc https://pulsar.apache.org/docs/en/helm-overview/ seems to suggest that the Helm chart also supports Let's Encrypt, but the Helm chart template appears to only accept "selfsigning" as a parameter: https://github.com/apache/pulsar-helm-chart/blob/master/charts/pulsar/templates/tls-cert-internal-issuer.yaml#L21
It would be helpful to also support GCP as a cert provider for TLS. This article has some information on using cert-manager with GCP: https://cert-manager.io/docs/configuration/acme/dns01/google/
The text was updated successfully, but these errors were encountered: