Deploy cert-manager

In this section you will deploy cert-manager and configure it to use a self-signed ClusterIssuer.


  1. Go to your GitOps repository, inside your rok-tools management environment:

    root@rok-tools:/# cd ~/ops/deployments
  2. Install cert-manager resources in the kube-system namespace:

    root@rok-tools:~/ops/deployments# rok-deploy --apply rok/cert-manager/cert-manager-kube-system-resources/overlays/deploy
  3. Install cert-manager resources along with a self-signed ClusterIssuer:

    root@rok-tools:~/ops/deployments# rok-deploy --apply rok/cert-manager/cert-manager/overlays/deploy


  1. Verify that cert-manager is up-and-running. Check pod status and verify field STATUS is Running and field READY is 1/1 for all Pods:

    root@rok-tools:~/ops/deployments# kubectl -n cert-manager get pods
    NAME                                       READY   STATUS    RESTARTS   AGE
    cert-manager-58bcc6fc8c-s4bm7              1/1     Running   0          1m
    cert-manager-cainjector-54ffb448d4-tkt9s   1/1     Running   0          1m
    cert-manager-webhook-6d749899cf-9kjj6      1/1     Running   0          1m


You have successfully installed cert-manager and configured it with a self-signed ClusterIssuer.

What’s Next

The next step is to configure and install the NGINX Ingress Controller.