Cert-Manager & Cert-Manager CSI Documentation¶

Overview¶

What is Cert-Manager?¶

Cert-Manager is a Kubernetes add-on that automates the management and issuance of TLS certificates from various issuing sources such as Let's Encrypt, HashiCorp Vault, or a self-signed issuer. It ensures certificates are automatically renewed and kept up-to-date, enabling secure service communication with minimal manual intervention.

What is Cert-Manager CSI Driver?¶

The Cert-Manager CSI (Container Storage Interface) Driver integrates Cert-Manager with Kubernetes' CSI volume infrastructure. It allows users to mount X.509 certificates as files into pods via Kubernetes volumes, making certificate consumption simpler and file-based rather than secret-based.

Installing Cert-Manager & Cert-Manager CSI in KubeDNA¶

KubeDNA simplifies the deployment of components like Cert-Manager and Cert-Manager CSI through a no-code UI with just one click. Here's how you can install them:

Step-by-Step Installation¶

Access KubeDNA Dashboard:
Log in to your KubeDNA platform.
Select Your Cluster:
From the left sidebar, go to Clusters.
Choose the desired Kubernetes cluster where you want to install Cert-Manager.
Navigate to Components:
Click on Components in the top navigation menu.
Browse the list or use the search bar to locate Cert-Manager and Cert-Manager CSI.
Install Cert-Manager:
Click on Cert-Manager.
Press the Install button – installation begins automatically.
Install Cert-Manager CSI:
Return to the components list.
Click on Cert-Manager CSI.
Press the Install button – the CSI driver is now being deployed.
Monitor Status:
You can track the installation progress and logs in real-time from the KubeDNA UI under Installed Components.

Post-Installation Notes¶

Once installed, you can create Issuer or ClusterIssuer resources to issue certificates.
For CSI, define a Certificate resource with a volumeMount in your pod to use mounted certificates.
Ensure appropriate RBAC permissions are in place for Cert-Manager to function correctly.