Prerequisites
Requirements for running Comentario in a Kubernetes cluster
First, make sure you understand the requirements for running Comentario in general.
Second, you’ll need the following.
- Helm package manager 3.x is installed.
- We’re using certmanager for dealing with SSL certificates in the cluster: requesting and renewing.
- Once you have
certmanager
up and running, create a newClusterIssuer
for Let’s Encrypt. Or, even better, two issuers:letsencrypt-staging
for experimenting with your installation (so that you don’t hit Let’s Encrypt usage limits) andletsencrypt-prod
for production usage.
Below is an example of configuration files for creating these two issuers, while using Traefik ingress controller:
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-staging
spec:
acme:
email: <YOUR EMAIL HERE> # Update this
server: https://acme-staging-v02.api.letsencrypt.org/directory
privateKeySecretRef:
name: issuer-letsencrypt-staging
solvers:
- http01:
ingress:
class: traefik-cert-manager
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-prod
spec:
acme:
email: <YOUR EMAIL HERE> # Update this
server: https://acme-v02.api.letsencrypt.org/directory
privateKeySecretRef:
name: issuer-letsencrypt-prod
solvers:
- http01:
ingress:
class: traefik-cert-manager