Install cert-manager with a cluster management project

Version history

Assuming you already have a project created from a management project template, to install cert-manager you should uncomment this line from your helmfile.yaml:

  - path: applications/cert-manager/helmfile.yaml
note
If your Kubernetes version is earlier than 1.20 and you are migrating from GitLab Managed Apps to a cluster management project, then you can instead use - path: applications/cert-manager-legacy/helmfile.yaml to take over an existing release of cert-manager v0.10.

cert-manager:

  • Is installed by default into the gitlab-managed-apps namespace of your cluster.
  • Includes a Let’s Encrypt ClusterIssuer enabled by default. In the certmanager-issuer release, the issuer requires a valid email address for letsEncryptClusterIssuer.email. Let’s Encrypt uses this email address to contact you about expiring certificates and issues related to your account.
  • Can be customized in applications/cert-manager/helmfile.yaml by passing custom values to the certmanager release. Refer to the chart for the available configuration options.