Open amcginlay opened 2 years ago
Also, in venafi-issuer.yaml
the attribute spec.venafi.cloud.url
is no longer required and its inclusion as specified causes a failure.
This documentation has it correct.
Also, the certificate manifest needs a commonName
so, for example:
...
spec:
secretName: demo-jetstack-mcginlay.net-tls
dnsNames:
- demo.jetstack.mcginlay.net
commonName: demo.jetstack.mcginlay.net
...
May I also suggest we rename this tutorial from "Securing Ingresses with Venafi" to "EKS + Ingress + Venafi" so it matches the pattern established by "GKE + Ingress + Let's Encrypt".
Finally, this tutorial should be linked from the Getting Started page, making sure to use appropriate iconography. One could argue that the link to the Securing NGINX-ingress tutorial should be removed to emphasize the public cloud use cases.
See here.
The currently documented manifests in the cert-manager tutorial have been removed from the
ingress-nginx
repo so the instructions are broken. (e.g. https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/provider/aws/service-nlb.yaml)The official docs suggest that the way to install an NLB based
ingress-nginx
on AWS is withkubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.3.0/deploy/static/provider/aws/deploy.yaml
I've tested this and it appears to work as expected.
NOTE there is currently no helm based equivalent so
kubectl apply
is still the way to go.