Add cert-manager documentation #1317
Conversation
| Install cert-manager. | ||
| `Release 1.12.X LTS <https://cert-manager.io/docs/releases/release-notes/release-notes-1.12/>`__ is preferred, but you may install latest. | ||
|
|
||
| The following command installs version 1.12.13 using ``kubectl``. |
There was a problem hiding this comment.
Worth doing a substitution here in case the version bumps later?
There was a problem hiding this comment.
Perhaps? Not sure how critical that is to stay up. Mostly we want this lineage. Which particular release within 1.12.x is less important from our perspective.
djwfyi
force-pushed
the
cert-manager
branch
from
bcfdde0
to
fa353c6
Compare
|
|
||
| The following graphic depicts how various namespaces make use of either an ``Issuer`` or ``ClusterIssuer`` type. | ||
|
|
||
| - cert-manager is installed in the ``cert-manager`` namespace, which does not have either an ``issuer`` or a ``ClusterIssuer``. |
There was a problem hiding this comment.
I'm confused by the cert-manager namespace in the diagram, is minio-operator:issuer not an issuer?
There was a problem hiding this comment.
We can address that with other comments on the graphic.
It should not have either an Issuer or ClusterIssuer in that namespace. But it operates separately from the other namespaces.
There was a problem hiding this comment.
See suggestion in other thread here
#1317 (comment)
|
|
||
| .. important:: | ||
|
|
||
| Replace the filler strings with values for your tenant: |
There was a problem hiding this comment.
Do we have a usual term for nonspecific placeholder text?
Or perhaps something like "Replace the placeholder values as described below"
There was a problem hiding this comment.
Trying an alternative. I think "placeholder text" is probably the clearest expression.
|
|
||
| The following graphic depicts how various namespaces make use of either an ``Issuer`` or ``ClusterIssuer`` type. | ||
|
|
||
| - cert-manager is installed in the ``cert-manager`` namespace, which does not have either an ``issuer`` or a ``ClusterIssuer``. |
There was a problem hiding this comment.
Do we still need this if we're dropping a reference to it in the diagram?
Maybe:
The following diagram provides a high level view of the relationship between Cluster Issuers and Issuers in a cert-manager context:
There was a problem hiding this comment.
Holding for the new diagram. Will leave unresolved until then.
|
|
||
| .. image:: /images/k8s/cert-manager-cluster.svg | ||
| :width: 600px | ||
| :alt: A Kubernetes cluster with five namespaces, shown as a box for each namespace in the cluster. The minio-operator namespace contains a "minio-operator: issuer" local issuer. The default namespace contains a "root: ClusterIssuer" cluster issuer. The cert-manager namespace contains a "minio-operator: issuer" local issuer. The remaining two namespaces are individual tenants, "tenant-1" and "tenant-2", each with its own local issuer. |
There was a problem hiding this comment.
Need to update the alt text
There was a problem hiding this comment.
Waiting for the new diagram first. Then will update.
djwfyi
force-pushed
the
cert-manager
branch
from
54925e5
to
bca3274
Compare
|
This PR is block until we get an updated graphic from the design team. |
Adds cert-manager docs for Kubernetes outputs.
Closes #1245
Partially addresses #1273
Staged: