This step explains how to download and install cert-manager, required for Apigee hybrid to operate.
Install cert-manager
- Use the following command to install cert-manager v1.17.4 from GitHub.
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.17.4/cert-manager.yaml
You should see a response that the cert-manager namespace and several cert-manager resources have been created. For example:
customresourcedefinition.apiextensions.k8s.io/certificaterequests.cert-manager.io configured customresourcedefinition.apiextensions.k8s.io/certificates.cert-manager.io configured ... mutatingwebhookconfiguration.admissionregistration.k8s.io/cert-manager-webhook configured validatingwebhookconfiguration.admissionregistration.k8s.io/cert-manager-webhook configured
- Use the following command to verify the successful creation of cert-manager namespace and its corresponding components:
kubectl get all -n cert-manager -o wide
Your output should be similar to the following example. You should see pods for
cert-manager,cert-manager-cainjector, andcert-manager-webhook.NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES pod/cert-manager-675d667c9-8rrdf 1/1 Running 0 13s x.x.x.x gke-test-apigee-apigee-runtime-fbff3412-fsz9 none none pod/cert-manager-cainjector-6674494d8-lfr5r 1/1 Running 0 13s x.x.x.x gke-test-apigee-hy-apigee-data-efb302e2-1gqg none none pod/cert-manager-webhook-8566bcbc98-5krnh 1/1 Running 0 12s x.x.x.x gke-test-apigee-hy-apigee-data-0081cb07-2t5v none none NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR service/cert-manager ClusterIP x.x.x.x none 9402/TCP 13s app.kubernetes.io/component=controller,app.kubernetes.io/instance=cert-manager,app.kubernetes.io/name=cert-manager service/cert-manager-webhook ClusterIP x.x.x.x none 443/TCP 13s app.kubernetes.io/component=webhook,app.kubernetes.io/instance=cert-manager,app.kubernetes.io/name=webhook NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR deployment.apps/cert-manager 1/1 1 1 13s cert-manager-controller quay.io/jetstack/cert-manager-controller:v1.15.1 app.kubernetes.io/component=controller,app.kubernetes.io/instance=cert-manager,app.kubernetes.io/name=cert-manager deployment.apps/cert-manager-cainjector 1/1 1 1 13s cert-manager-cainjector quay.io/jetstack/cert-manager-cainjector:v1.15.1 app.kubernetes.io/component=cainjector,app.kubernetes.io/instance=cert-manager,app.kubernetes.io/name=cainjector deployment.apps/cert-manager-webhook 1/1 1 1 13s cert-manager-webhook quay.io/jetstack/cert-manager-webhook:v1.15.1 app.kubernetes.io/component=webhook,app.kubernetes.io/instance=cert-manager,app.kubernetes.io/name=webhook NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR replicaset.apps/cert-manager-675d667c9 1 1 1 13s cert-manager-controller quay.io/jetstack/cert-manager-controller:v1.15.1 app.kubernetes.io/component=controller,app.kubernetes.io/instance=cert-manager,app.kubernetes.io/name=cert-manager,pod-template-hash=675d667c9 replicaset.apps/cert-manager-cainjector-6674494d8 1 1 1 13s cert-manager-cainjector quay.io/jetstack/cert-manager-cainjector:v1.15.1 app.kubernetes.io/component=cainjector,app.kubernetes.io/instance=cert-manager,app.kubernetes.io/name=cainjector,pod-template-hash=6674494d8 replicaset.apps/cert-manager-webhook-8566bcbc98 1 1 1 12s cert-manager-webhook quay.io/jetstack/cert-manager-webhook:v1.15.1 app.kubernetes.io/component=webhook,app.kubernetes.io/instance=cert-manager,app.kubernetes.io/name=webhook,pod-template-hash=8566bcbc98
For more information about installing cert-manager, see kubectl apply in the cert-manager installation documentation.
Summary
You now have cert-manager installed, and you are ready to install the Apigee hybrid custom resource definitions (CRDs).