search

ovh / public-cloud-roadmap

Agile roadmap for OVHcloud Public Cloud services. Discover the features our product teams are working on, comment and influence our backlog.
https://www.ovhcloud.com/en/public-cloud/
186 stars 5 forks source link

Cert-manager DNS Webhook #311

Open rverchere opened 1 year ago

rverchere commented 1 year ago

Hi,

When using Kubernetes infrastructure, one way to secure our application is using ingress TLS encryption, thanks to let's encrypt and cert-manager.

You can get TLS certificates using a DNS01 challenge. But to make this option work, you need 2 things:

  1. External DNS, which is already implemented : https://github.com/kubernetes-sigs/external-dns/blob/master/docs/tutorials/ovh.md
  2. Cert-Manager DNS Webhook, which is not official (https://github.com/baarde/cert-manager-webhook-ovh)

This could be a good thing to have the cert-manager-webhook-ovh officially supported by OVH.

matmicro commented 1 year ago

Please note also that there is still a bug with using External DNS and root domains on OVH : https://github.com/kubernetes-sigs/external-dns/issues/449

It would be great if this could be managed at OVH level to get this working perfectly.