Skip to content

uberscott/recert

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
bash
bash
 
 
docker
docker
 
 
etc/operator
etc/operator
 
 
go
go
 
 
helm
helm
 
 
tool
tool
 
 
.gitignore
.gitignore
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
VERSION
VERSION
 
 
skaffold.yaml
skaffold.yaml
 
 

Repository files navigation

RECERT

RECERT is a Kubernetes Operator that creates and renews SSL certificates issued by Let's Encrypt "A nonprofit Certificate Authority provider."

WHY RECERT

Traditional Certificate Authorities issue certificates by confirming that a business entity is who he says he is and that he owns and controls a particular domain. The Certificate is created and the system administer happily installs the cert on his webserver.

With Let's Encrypt there are no humans involved. Ownership of a domain is proven via a challenge issued by Let's Encrypt to the the webserver via a software product called certbot. In order for Let's Encrypt to work the webserver must have a special configuration to redirect traffic to certbot AND certbot must be able to update the certificates on the webserver.

The certbot setup is very simple for traditional servers and VMs, but runs into trouble on Kubernetes due to the effermeral nature of containers.

WHAT RECERT DOES

Recert creates a simple SSL proxy that forwards HTTPS traffic to another webserver within Kubernetes. When a Let's Encrypt challenge is issued Recert createsa Kubernetes job which will intercept the challenge and write the resulting certificate to a Kubernetes secret. The Recert operator will then restart the SSL proxy with the certificate secrets mounted.

INSTALLING

TODO - Write instructions on how to install the operator

DEVELOPMENT -- GETTING STARTED

You will need to have the following tools installed to build, run and contribute to RECERT Containers:

Recommended Tools

If you are going to do some operator programming:

Not required, but these tools will make your life easier:

Installing -- MAC

Docker

Follow link instructions: https://docs.docker.com/docker-for-mac/install/

HOMEBREW INSTALLS

brew install go
brew install helm
brew install skaffold
brew install git-flow
brew install kubectl

# go code
brew install operator-sdk

# optional
brew install stern
brew install kubectx

Setup

Tools

Before you can build you will need to run the tool setup once:

make tools

Git Flow

Initialize gitflow in your local repository:

git flow init -d

Go Development

You may need to setup your GOPATH environment variable:

EXAMPLE .bash_profile

export GOPATH=<YOUR_RECERT_DIRECTORY>/go

Building

make build

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages