Kubernetes cert-manager

This module provides our standard set up for cert-manager.

Providers

The following providers are needed by this module:

• helm (2.12.1)

• kubectl (2.1.3)

• kubernetes (2.34.0)

• pf (0.0.7)

• random (3.6.3)

Required Inputs

No required inputs.

Optional Inputs

The following input variables are optional (have default values):

canary_enabled

Description: Whether to add canary checks to the deployed systems

Type: bool

Default: false

cert_manager_version

Description: The version of cert-manager to deploy

Type: string

Default: "1.16.3"

log_verbosity

Description: The log verbosity (0-9) for the cert-manager pods

Type: number

Default: 0

monitoring_enabled

Description: Whether to add active monitoring to the deployed systems

Type: bool

Default: false

panfactum_scheduler_enabled

Description: Whether to use the Panfactum pod scheduler with enhanced bin-packing

Type: bool

Default: false

pull_through_cache_enabled

Description: Whether to use the ECR pull through cache for the deployed images

Type: bool

Default: true

self_generated_certs_enabled

Description: Whether to enable self-generated webhook certs (only use on initial installation)

Type: bool

Default: true

sla_target

Description: The Panfactum SLA level for the module deployment. 1 = lowest uptime (99.9%), lowest cost — 3 = highest uptime (99.999%), highest Cost

Type: number

Default: 3

vpa_enabled

Description: Whether the VPA resources should be enabled

Type: bool

Default: false

wait

Description: Wait for resources to be in a ready state before proceeding. Disabling this flag will allow upgrades to proceed faster but will disable automatic rollbacks. As a result, manual intervention may be required for deployment failures.

Type: bool

Default: true

Outputs

The following outputs are exported:

namespace

Description: n/a

service_account

Description: n/a

Usage

No notes