github.com/cilium/cilium@v1.16.2/Documentation/network/servicemesh/tls-default-certificate.rst (about) 1 .. only:: not (epub or latex or html) 2 3 WARNING: You are looking at unreleased Cilium documentation. 4 Please use the official rendered version released here: 5 https://docs.cilium.io 6 7 ********************************** 8 Defaults certificate for Ingresses 9 ********************************** 10 11 Cilium can use a default certificate for ingresses without ``.spec.tls[].secretName`` set. 12 It's still necessary to have ``.spec.tls[].hosts`` defined. 13 14 Prerequisites 15 ############# 16 17 * Cilium must be configured with Kubernetes Ingress Support. 18 Please refer to :ref:`Kubernetes Ingress Support <gs_ingress>` for more details. 19 20 Installation 21 ############ 22 23 .. tabs:: 24 25 .. group-tab:: Helm 26 27 Defaults certificate for Ingresses can be enabled with helm flags 28 ``ingressController.defaultSecretNamespace`` and 29 ``ingressController.defaultSecretName``` 30 set as true. Please refer to :ref:`k8s_install_helm` for a fresh installation. 31 32 .. parsed-literal:: 33 34 $ helm upgrade cilium |CHART_RELEASE| \\ 35 --namespace kube-system \\ 36 --reuse-values \\ 37 --set ingressController.defaultSecretNamespace=kube-system \\ 38 --set ingressController.defaultSecretName=default-cert \\ 39 40 $ kubectl -n kube-system rollout restart deployment/cilium-operator 41 $ kubectl -n kube-system rollout restart ds/cilium 42 43 .. group-tab:: Cilium CLI 44 45 .. include:: ../../installation/cli-download.rst 46 47 Cilium Ingress Controller can be enabled with the following command: 48 49 .. parsed-literal:: 50 51 $ cilium install |CHART_VERSION| \ 52 --set kubeProxyReplacement=true \ 53 --set ingressController.enabled=true \ 54 --set ingressController.defaultSecretNamespace=kube-system \ 55 --set ingressController.defaultSecretName=default-cert