prysm-pulse/k8s/letsencrypt-issuer.yaml
Preston Van Loon 7078382b82
k8s goerli config (#1517)
* Added goerli node config

* add validator configuration

* working better with istio

* cleanup

* Update bootnodes and genesis

* prepare goerli

* cleaning up geth stuff

* Working on istio

* Update somethings for istio

* Add back bootnode for internal discovery, add some labels for istio

* support ws

* ssl via lets encrypt

* Remove ingress

* Expose grafana

* allow insecure

* Add consistent loadbalancing

* use pod antiaffinity so that the public nodes are highly available

* Change app name to goerli

* Add unstable graphql

* remove redis

* lint

* gazelle and fix weights

* better affinity
2019-02-08 15:30:38 -05:00

39 lines
956 B
YAML

# See: https://github.com/stefanprodan/istio-gke/blob/master/docs/istio/05-letsencrypt-setup.md
apiVersion: certmanager.k8s.io/v1alpha1
kind: Issuer
metadata:
name: letsencrypt-prod
namespace: istio-system
spec:
acme:
server: https://acme-v02.api.letsencrypt.org/directory
email: contact@prysmaticlabs.com
privateKeySecretRef:
name: letsencrypt-prod
dns01:
providers:
- name: cloud-dns
clouddns:
serviceAccountSecretRef:
name: cert-manager-credentials
key: gcp-dns-admin.json
project: prysmaticlabs
---
apiVersion: certmanager.k8s.io/v1alpha1
kind: Certificate
metadata:
name: istio-gateway
namespace: istio-system
spec:
secretname: istio-ingressgateway-certs
issuerRef:
name: letsencrypt-prod
commonName: "*.prylabs.net"
acme:
config:
- dns01:
provider: cloud-dns
domains:
- "*.prylabs.net"
- "prylabs.net"