cert_manager
Deploy IBM Certificate Manager Operator or **Red Hat Certificate Manager Operator into the target OCP cluster.
- IBM Certificate Manager Operator and Operand will be installed into the
ibm-common-services
namespace - Red Hat Certificate Manager Operatos will be installed into the
cert-manager-operator
namespace and the Operand will be created in thecert-manager
namespace.
The role supports migrtation from an existing IBM Certificate Manager install to the Red Hat Certificate Manager, and will configure the cluster resources namespace to ibm-common-services
in this case to ensure compatibility with all existing ClusterIssuers
.
Prerequisites
IBM Certificate Manager
You must have already installed a CatalogSource that contains IBM Certificate Manager and installed the IBM Cloud Pak Foundational Services Operator. These tasks can be achieved using the ibm_catalogs and common_services roles in this collection.
Red Hat Certificate Manager
You must have already installed the Red Hat Operators CatalogSource.
Role Variables
cert_manager_action
Inform the role whether to perform an install
or an uninstall
the Certificate Manager service, action can also be set to none
to instruct the role to take no action.
- Optional
- Environment Variable:
CERT_MANAGER_ACTION
- Default:
install
cert_manager_provider
Choose which flavour of Certificate Manager to install; IBM (ibm
), or Red Hat (redhat
)
- Optional
- Environment Variable:
CERT_MANAGER_PROVIDER
- Default:
redhat
Note: Certificate Manager is a cluster-wide dependency, therefore be really careful when uninstalling it as this might be used by several applications and dependencies installed in the cluster.
Example Playbook
After installing the Ansible Collection you can include this role in your own custom playbooks.
IBM Certificate Manager
- hosts: localhost
vars:
- cert_manager_action: install
- cert_manager_provider: ibm
roles:
- ibm.mas_devops.ibm_catalogs
- ibm.mas_devops.common_services
- ibm.mas_devops.cert_manager
Red Hat Certificate Manager
- hosts: localhost
vars:
- cert_manager_action: install
- cert_manager_provider: redhat
roles:
- ibm.mas_devops.cert_manager
Run Role Playbook
After installing the Ansible Collection you can easily run the role standalone using the run_role
playbook provided.
ROLE_NAME=cert_manager ansible-playbook ibm.mas_devops.run_role
License
EPL-2.0