两周前我开始使用 Flux,一切都很顺利,谢谢!现在的问题...我们正在将 cert-manager 安装为 HelmRelease,并且遇到了全新 AKS 安装的问题。颁发者和证书应该依赖于 cert-manager HelmRelease 但我们没有这样做的选项,并且 kustomize 失败了,因为尚未安装 cert-manager。
发行人清单文件:
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: linkerd-trust-anchor
namespace: linkerd
spec:
ca:
secretName: linkerd-trust-anchor
证书清单文件:
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: linkerd-identity-issuer
namespace: linkerd
spec:
secretName: linkerd-identity-issuer
duration: 48h
renewBefore: 25h
issuerRef:
name: linkerd-trust-anchor
kind: Issuer
commonName: identity.linkerd.cluster.local
dnsNames:
- identity.linkerd.cluster.local
isCA: true
privateKey:
algorithm: ECDSA
usages:
- cert sign
- crl sign
- server auth
- client auth
有什么我们可以做的吗?