Public ungleich kubernetes repository
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
Nico Schottelius f26e4eedb8 Need to add commonLabels so that the selector of service matches 1 year ago
..
base configmapref -> name needs to be indented 1 year ago
overlays/ungleich Need to add commonLabels so that the selector of service matches 1 year ago
README.md [nginx/certbot] finish! 1 year ago

README.md

nginx service for getting letsencrypt certificates

Get real letsencrypt certificates in IPv6 based clusters.

Architecture

  • nginx/port 80 serves only the root for letsencrypt
  • nginx/port 443 crashes until the cert is there
  • A job (certbot) gets the cert

Missing bits

  • cronjob for renewal
  • Automatic restart of nginx
  • Fixing the service <-> pod mapping problem (goes to both http/https pods)

Brain storming

certbot --standalone / init container

  • Could in theory be used as an init container
  • nginx / port 80+443 could take over afterwards

Conclusion: does not work, as initcontainers are not targetted by services

certbot --standalone / job

Similar pattern as before -> works, because ports of jobs are caught by the service!