From b6bd23bc4a0cbc15165b601c12fd329118f6f1ce Mon Sep 17 00:00:00 2001 From: Nikolai Emil Damm Date: Tue, 20 Aug 2024 19:58:10 +0200 Subject: [PATCH] Update README's --- README.md | 2 + k8s/cert-manager/README.md | 41 ++----------------- .../cloudflare-letsencrypt/README.md | 20 +++++++++ .../cluster-issuers/selfsigned/README.md | 7 ++++ 4 files changed, 32 insertions(+), 38 deletions(-) create mode 100644 k8s/cert-manager/cluster-issuers/cloudflare-letsencrypt/README.md create mode 100644 k8s/cert-manager/cluster-issuers/selfsigned/README.md diff --git a/README.md b/README.md index 8e32ca0..9629110 100644 --- a/README.md +++ b/README.md @@ -76,6 +76,8 @@ This repository contains the following OCI Artifacts: - [Cluster API Operator](k8s/capi-operator/README.md) - [Cert Manager](k8s/cert-manager/README.md) + - [Cluster Issuer - Cloudflare LetsEncrypt](k8s/cert-manager/cluster-issuers/cloudflare-letsencrypt/README.md) + - [Cluster Issuer - Self-Signed](k8s/cert-manager/cluster-issuers/selfsigned/README.md) - [Cloudflared](k8s/cloudflared/README.md) - [GitHub Actions Runner Scale Set](k8s/gha-runner-scale-set/README.md) - [Goldilocks](k8s/goldilocks/README.md) diff --git a/k8s/cert-manager/README.md b/k8s/cert-manager/README.md index c2d3aa4..5df3fc3 100644 --- a/k8s/cert-manager/README.md +++ b/k8s/cert-manager/README.md @@ -11,42 +11,7 @@ Cert Manager is a Kubernetes add-on to automate the management and issuance of T | -------------- | ------------------------- | :-----: | :------: | | cluster_domain | The domain of the cluster | | ✓ | -## CRDs +## Custom Resources -This OCI Artifact provides CRDs. They must be deployed separately. - -### Cluster Issuers - -### Cluster Issuer Certificate - -- `k8s/cert-manager/certificates/cluster-issuer-certificate.yaml` - -This certificate is used to issue certificates for any cluster issuer. It must be configured with the correct issuer. - -| Variable | Description | Default | Required | -| ------------------------------------------ | ---------------------------------------- | :-----: | :------: | -| cert_manager_replica_count | The number of replicas | 2 | ✕ | -| cert_manager_pod_disruption_budget_enabled | Enable/disable the pod disruption budget | true | ✕ | - -#### Self-Signed Cluster Issuer - -- `k8s/cert-manager/cluster-issuers/self-signed-cluster-issuer.yaml` - -This cluster issuer can be used to issue self-signed certificates. It is only recommended to use this issuer for local clusters. - -#### Cloudflare LetsEncrypt Cluster Issuer - -- `k8s/cert-manager/cluster-issuers/cloudflare-letsencrypt-cluster-issuer.yaml` - -This cluster issuer can be used to issue certificates using the Cloudflare DNS API. It is recommended to use this issuer for dev/test and production clusters. - -| Variable | Description | Default | Required | -| -------------------------------------------- | ----------------------------------------------------- | :------------------------------------------------------: | :------: | -| cloudflare_letsencrypt_cluster_issuer_server | The cluster issuer server to use for letsencrypt ACME | | ✕ | -| cloudflare_letsencrypt_cluster_issuer_email | The email to use when issuing new certificates issuer | | ✓ | - -For this issuer to work, you must also add the `k8s/cert-manager/certificates/cloudflare-dns-api-key.yaml` secret to your cert-manager namespace. - -| Variable | Description | Default | Required | -| ---------------------- | ------------------------------------------ | :-----: | :------: | -| cloudflare_dns_api_key | The API Key needed for ACME DNS challenges | | ✓ | +- [Cluster Issuer - Self-Signed](cluster-issuers/selfsigned/README.md) +- [Cluster Issuer - Cloudflare LetsEncrypt](cluster-issuers/cloudflare-letsencrypt/README.md) diff --git a/k8s/cert-manager/cluster-issuers/cloudflare-letsencrypt/README.md b/k8s/cert-manager/cluster-issuers/cloudflare-letsencrypt/README.md new file mode 100644 index 0000000..07249b8 --- /dev/null +++ b/k8s/cert-manager/cluster-issuers/cloudflare-letsencrypt/README.md @@ -0,0 +1,20 @@ +# Cert Manager - Cloudflare LetsEncrypt Cluster Issuer + +This cluster issuer can be used to issue certificates using the Cloudflare DNS API. It is recommended to use this issuer for dev/test and production clusters. + +## Dependencies + +- [Cert Manager](../../README.md) + +## Post-build variables + +| Variable | Description | Default | Required | +| -------------------------------------------- | ----------------------------------------------------- | :------------------------------------------------------: | :------: | +| cloudflare_letsencrypt_cluster_issuer_server | The cluster issuer server to use for letsencrypt ACME | | ✕ | +| cloudflare_letsencrypt_cluster_issuer_email | The email to use when issuing new certificates issuer | | ✓ | + +For this issuer to work, you must also add the `k8s/cert-manager/certificates/cloudflare-dns-api-key.yaml` secret to your cert-manager namespace. + +| Variable | Description | Default | Required | +| ---------------------- | ------------------------------------------ | :-----: | :------: | +| cloudflare_dns_api_key | The API Key needed for ACME DNS challenges | | ✓ | diff --git a/k8s/cert-manager/cluster-issuers/selfsigned/README.md b/k8s/cert-manager/cluster-issuers/selfsigned/README.md new file mode 100644 index 0000000..a449bc9 --- /dev/null +++ b/k8s/cert-manager/cluster-issuers/selfsigned/README.md @@ -0,0 +1,7 @@ +# Cert Manager - Self-Signed Cluster Issuer + +This cluster issuer can be used to issue self-signed certificates. It is only recommended to use this issuer for local clusters. + +## Dependencies + +- [Cert Manager](../../README.md)