Installing and Verifying a Certificate Manager
Before proceeding with certificate management, it's crucial to ensure that a certificate manager is installed in your cluster. This section guides you through checking for an existing installation and installing cert-manager if necessary.
Check for an Existing cert-manager Installation
First, verify if cert-manager is already installed in your cluster, by running:
If cert-manager is installed, you should see pods running with names like cert-manager
, cert-manager-cainjector
, and cert-manager-webhook
. If you see these pods, you can skip the installation step.
If cert-manager is not installed, you will see a message similar to the following:
Installing cert-manager
If cert-manager is not present, follow these steps to install it:
- Add the Jetstack Helm repository:
- Install cert-manager using Helm:
helm install cert-manager jetstack/cert-manager \
--namespace cert-manager \
--create-namespace \
--set crds.enabled=true
- After installation, verify that cert-manager is running correctly:
Check the pod status:
All pods should show a Running
status. Example:
$ kubectl get pods -n cert-manager
NAME READY STATUS RESTARTS AGE
cert-manager-6794b8d569-x9v69 1/1 Running 0 10m
cert-manager-cainjector-7f69cd69f7-r68rl 1/1 Running 0 10m
cert-manager-webhook-6cc5dccc4b-5kgfn 1/1 Running 0 10m
Verify the API readiness:
The AVAILABLE
column should show True
. Example:
$ kubectl get apiservice v1.cert-manager.io
NAME SERVICE AVAILABLE AGE
v1.cert-manager.io Local True 10m
Alternative cert-manager Installation Methods
For alternative installation methods or more detailed instructions, refer to the official cert-manager documentation.