From 88a86f681a0112076b49ef347ebecf955e170e1c Mon Sep 17 00:00:00 2001
From: marcel-dempers
Date: Sun, 6 Dec 2020 22:41:46 +1100
Subject: [PATCH] cert-manager refactoring
---
 kubernetes/cert-manager/README.md | 56 +++++++++----------
 .../cert-manager/selfsigned/certificate.yaml | 11 ++++
 .../cert-manager/selfsigned/issuer.yaml | 7 +++
 kubernetes/cert-manager/test.yaml | 24 --------
 4 files changed, 45 insertions(+), 53 deletions(-)
 create mode 100644 kubernetes/cert-manager/selfsigned/certificate.yaml
 create mode 100644 kubernetes/cert-manager/selfsigned/issuer.yaml
 delete mode 100644 kubernetes/cert-manager/test.yaml
diff --git a/kubernetes/cert-manager/README.md b/kubernetes/cert-manager/README.md
index 86d5326..2257cfe 100644
--- a/kubernetes/cert-manager/README.md
+++ b/kubernetes/cert-manager/README.md
@@ -9,20 +9,15 @@ kind create cluster --name certmanager --image kindest/node:v1.19.1
 ```
-## Issuer
+## Concepts
-https://cert-manager.io/docs/concepts/issuer/
-
-
-## Certificate
-
-https://cert-manager.io/docs/concepts/certificate/
-
-
-## CertificateRequests
-
-## Orders and Challenges
+It's important to understand the various concepts and new Kubernetes resources that
+`cert-manager` introduces.
+* Issuers [docs](https://cert-manager.io/docs/concepts/issuer/)
+* Certificate [docs](https://cert-manager.io/docs/concepts/certificate/)
+* CertificateRequests [docs](https://cert-manager.io/docs/concepts/certificaterequest/)
+* Orders and Challenges [docs](https://cert-manager.io/docs/concepts/acme-orders-challenges/)
 ## Installation
@@ -95,21 +90,22 @@ replicaset.apps/cert-manager-webhook-578954cdd 1 1 1
 Let's create some test certificates
 ```
- kubectl apply -f test.yaml
+kubectl create ns cert-manager-test
- kubectl describe certificate -n cert-manager-test
+kubectl apply -f ./selfsigned/issuer.yaml
+
+kubectl apply -f ./selfsigned/certificate.yaml
+
+kubectl describe certificate -n cert-manager-test
+kubectl get secrets -n cert-manager-test
+
+kubectl delete ns cert-manager-test
 ```
 ## Configuration
- https://cert-manager.io/docs/configuration/
-
-## DNS
-
-## HTTP
-
 ## Ingress Controller
 Let's deploy an Ingress controller:
@@ -120,7 +116,6 @@ kubectl create ns ingress-nginx
 kubectl -n ingress-nginx apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.41.2/deploy/static/provider/cloud/deploy.yaml
 kubectl -n ingress-nginx get pods
-kubectl -n ingress-nginx get svc
 kubectl -n ingress-nginx --address 0.0.0.0 port-forward svc/ingress-nginx-controller 80
 kubectl -n ingress-nginx --address 0.0.0.0 port-forward svc/ingress-nginx-controller 443
@@ -155,6 +150,17 @@ kubectl describe clusterissuer letsencrypt-cluster-issuer
 ```
+## Deploy a pod that uses SSL
+
+```
+kubectl apply -f .\kubernetes\deployments\
+kubectl apply -f .\kubernetes\services\
+kubectl get pods
+# deploy an ingress route
+kubectl apply -f .\kubernetes\cert-manager\ingress.yaml
+
+```
+
 ## Issue Certificate
 ```
@@ -168,12 +174,4 @@ kubectl describe certificate example-app
 kubectl get secrets
 NAME TYPE DATA AGE
 example-app-tls kubernetes.io/tls 2 84m
-```
-
-## Deploy a pod that uses SSL
-
-```
-kubectl apply -f .\kubernetes\deployments\
-kubectl apply -f .\kubernetes\configmaps\
-kubectl apply -f .\kubernetes\services\
 ```
\ No newline at end of file
diff --git a/kubernetes/cert-manager/selfsigned/certificate.yaml b/kubernetes/cert-manager/selfsigned/certificate.yaml
new file mode 100644
index 0000000..ea72c52
--- /dev/null
+++ b/kubernetes/cert-manager/selfsigned/certificate.yaml
@@ -0,0 +1,11 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+ name: selfsigned-cert
+ namespace: cert-manager-test
+spec:
+ dnsNames:
+ - example.com
+ secretName: selfsigned-cert-tls
+ issuerRef:
+ name: test-selfsigned
\ No newline at end of file
diff --git a/kubernetes/cert-manager/selfsigned/issuer.yaml b/kubernetes/cert-manager/selfsigned/issuer.yaml
new file mode 100644
index 0000000..4be5561
--- /dev/null
+++ b/kubernetes/cert-manager/selfsigned/issuer.yaml
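Review bot: The Certificate in selfsigned/certificate.yaml sets only `dnsNames`, so with a SelfSigned issuer its subject DN, and therefore its issuer DN, will most likely be empty; cert-manager's SelfSigned documentation warns that such certificates are technically invalid under RFC 5280 and that some TLS libraries reject them. Adding `commonName: example.com` (or a `subject` block) under `spec` avoids that. `issuerRef` also leaves `kind` at its default, and writing `kind: Issuer` would make it explicit that this binds to the namespaced test issuer rather than a ClusterIssuer. A header comment such as `# test-only: self-signed, not trusted by clients` would keep the manifest from being copied for a real hostname.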
@@ -0,0 +1,7 @@
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+ name: test-selfsigned
+ namespace: cert-manager-test
+spec:
+ selfSigned: {}
\ No newline at end of file
diff --git a/kubernetes/cert-manager/test.yaml b/kubernetes/cert-manager/test.yaml
deleted file mode 100644
index 736b876..0000000
--- a/kubernetes/cert-manager/test.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
- name: cert-manager-test
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: test-selfsigned
- namespace: cert-manager-test
-spec:
- selfSigned: {}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: selfsigned-cert
- namespace: cert-manager-test
-spec:
- dnsNames:
- - example.com
- secretName: selfsigned-cert-tls
- issuerRef:
- name: test-selfsigned
\ No newline at end of file
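Review bot: selfsigned/issuer.yaml carries no comment saying that the `test-selfsigned` issuer exists only for the installation smoke test. A SelfSigned issuer provides no chain of trust, so clients can only accept its certificates by pinning them or by skipping verification; a header comment such as `# test-only: SelfSigned issuer, do not reference from Ingress or production Certificates` would make that explicit. Keeping it a namespaced `Issuer` in `cert-manager-test`, as the file does, already limits it to Certificates in that namespace.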