Certifications without cert-manager in BYOK setup

Hi,

The documentation mentions that cert-manager is not mandatory (see Qovery Documentation). However, we are unable to start the Qovery Helm release without it because the qovery-cluster-agent requires cert-manager to be installed in the cluster.

Is it possible to run a BYOK (Bring Your Own Kubernetes) setup without cert-manager and handle all certification-related tasks using an external provider like Cloudflare?

Here is the error message we are encountering:

helm_release.qovery: Modifying... [id=qovery]
╷
│ Error: [resource mapping not found for name: "qovery-cluster-agent-tls" namespace: "qovery" from "": no matches for kind "Certificate" in version "cert-manager.io/v1"
│ ensure CRDs are installed first, resource mapping not found for name: "qovery-cluster-agent-issuer" namespace: "" from "": no matches for kind "Issuer" in version "cert-manager.io/v1"
│ ensure CRDs are installed first]
│
│   with helm_release.qovery,
│   on qovery.tf line 1, in resource "helm_release" "qovery":
│    1: resource "helm_release" "qovery" {
│
╵

Thank you in advance for your assistance!

Hello @markkkkas,

Indeed we have improved the qovery-cluster-agent that now has a dependency to cert-manager (an admission controller has been added, which required a certificate and we chose to rely on cert-manager).

We will change this to package a qovery-cluster-agent that won’t need to rely on cert-manager.

Hello @markkkkas,

We have delivered a new version, you should have in qovery-cluster-agent chart a new default value:

useSelfSignCertificate: true

This will use a self signed certificate, so you won’t have any dependency to cert manager

1 Like

Hello,
Thanks for the solution, this is very helpful for me.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.