-
Notifications
You must be signed in to change notification settings - Fork 35
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Ensure unique name for letsencrypt issues #249
Conversation
To be honest I don't know if this is the correct solution, but I ran into an issue trying to setup a second stack where it failed trying to create a ClusterIssuer resource that already existed.
@dakotabenjamin 👋 hey - this is a good catch. The problem is we ideally want the I'll try to spend some time with this today or tomorrow - I think ideally we may need to setup Let me know if your solution seems to work for now and if there's anything we can help to get it through, but we definitely want to figure something out where the ClusterIssuer exists only once per cluster. Thanks again for the catch and PR. |
So, I think roughly what we need to do:
cc @Rub21 @geohacker @yuvipanda - if you're able to give this a sanity check, I'd be extremely grateful. |
The two options are:
So it totally depends on how much per-cluster infra you have. How is cert-manager being installed? And any monitoring / ingress tools? Whatever is installing that should ideally also setup the issuer. But if you don't have a lot of 'once-per-cluster' tooling (perhaps you just use the cloud provider ingress and monitoring tools), doing (2) is probably fine. |
Thanks @yuvipanda ! Let's go with But, for now the approach in the PR seems fine - so, @dakotabenjamin then the other thing we'd need to do is update all the references to the Let me know if you'd like to add it to your PR or I can go ahead and make a new PR. Thanks again for the catch @dakotabenjamin and for the words of wisdom, @yuvipanda ! cc @Rub21 |
Closing in favour of #251 |
To be honest I don't know if this is the correct solution, but I ran into an issue trying to setup a second stack where it failed trying to create a ClusterIssuer resource that already existed.