开源软件名称(OpenSource Name):jetstack/kube-lego
开源软件地址(OpenSource Url):https://github.com/jetstack/kube-lego
开源编程语言(OpenSource Language):
Go
96.6%
开源软件介绍(OpenSource Introduction):kube-lego
⚠️
kube-lego is no longer maintained. The officially endorsed successor is cert-manager.
If you are a current user of kube-lego, you can find a migration guide here.
⚠️
kube-lego automatically requests certificates for Kubernetes Ingress resources from Let's Encrypt
Screencast
Features
- Recognizes the need of a new certificate for this cases:
- No certificate existing
- Existing certificate is not containing all domain names
- Existing certificate is expired or near to its expiry date (cf. option
LEGO_MINIMUM_VALIDITY )
- Existing certificate is unparseable, invalid or not matching the secret key
- Creates a user account (incl. private key) for Let's Encrypt and stores it in Kubernetes secrets (secret name is configurable via
LEGO_SECRET_NAME )
- Obtains the missing certificates from Let's Encrypt and authorizes the request with the
HTTP-01 challenge
- Makes sure that the specific Kubernetes objects (Services, Ingress) contain the rights configuration for the
HTTP-01 challenge to succeed
- Official Kubernetes Helm chart for simplistic deployment.
Requirements
- Kubernetes 1.2+
- Compatible ingress controller (nginx or GCE see here)
- Non-production use case
|
请发表评论