Preparing the Workload Cluster for Certificate Manager Installation
Before installing Certificate Manager (cert-manager) in your workload cluster, there are a few steps to take. These steps will ensure that the installation is successful and that the cert-manager pods run smoothly.
Step 1: Set the Context of kubectl to the Cluster
The first step is to set the context of kubectl to your workload cluster. You can do this using the command kubectl config use-context my-cluster-admin@my-cluster
Step 2: Create a K8s Namespace for Installed Packages
Next, create a K8s namespace for installed packages using the command
kubectl create ns my-packages
Step 3: List Package Repositories
List the available package repositories using the command
tanzu package repository list -A
Step 4: Install the Standard Package Repository (if necessary)
If your cluster does not have the standard package repository installed, install it using the command tanzu package repository add tanzu-standard --url projects.registry.vmware.com/tkg/packages/standard/repo:v2.2.0 --namespace tkg-system
.
Step 5: Confirm Availability of the Cert-Manager Package
Confirm that the cert-manager package is available in your workload cluster using the command
tanzu package available list -A
Step 6: Install Cert-Manager
Install the cert-manager package using the command
tanzu package install cert-manager --package cert-manager.tanzu.vmware.com --namespace TARGET-NAMESPACE --version AVAILABLE-PACKAGE-VERSION
Step 7: Confirm Installation of Cert-Manager
Confirm that the cert-manager package has been installed using the command
tanzu package installed list -A
Step 8: Confirm Reconciliation of Cert-Manager App
Confirm that the cert-manager app has been successfully reconciled in your TARGET-NAMESPACE using the command
kubectl get apps -A
Step 9: Troubleshoot Any Issues
If the status is not Reconcile Succeeded, view the full status details of the cert-manager app using the command
kubectl get app cert-manager --namespace TARGET-NAMESPACE -o yaml
If troubleshooting does not help, uninstall the package before installing it again using the command tanzu package installed delete cert-manager --namespace TARGET-NAMESPACE
.