From 3d6fe8aeec43c3b44c3ed25f9f33e4810c957acb Mon Sep 17 00:00:00 2001 From: rawmind0 Date: Thu, 16 Apr 2020 20:37:36 +0200 Subject: [PATCH 1/2] Updated installation docs: cert-manager version to 0.14.2 --- .../installation/k8s-install/helm-rancher/_index.md | 4 ++-- .../options/air-gap-helm2/install-rancher/_index.md | 6 +++--- .../populate-private-registry/_index.md | 4 ++-- .../options/helm2/helm-rancher/_index.md | 2 +- .../options/upgrading-cert-manager/_index.md | 12 ++++++------ .../helm-2-instructions/_index.md | 6 +++--- .../air-gap/install-rancher/_index.md | 6 +++--- .../air-gap/populate-private-registry/_index.md | 4 ++-- 8 files changed, 22 insertions(+), 22 deletions(-) diff --git a/content/rancher/v2.x/en/installation/k8s-install/helm-rancher/_index.md b/content/rancher/v2.x/en/installation/k8s-install/helm-rancher/_index.md index 84b002d3f8f..21baa7961f0 100644 --- a/content/rancher/v2.x/en/installation/k8s-install/helm-rancher/_index.md +++ b/content/rancher/v2.x/en/installation/k8s-install/helm-rancher/_index.md @@ -89,7 +89,7 @@ These instructions are adapted from the [official cert-manager documentation](ht ``` # Install the CustomResourceDefinition resources separately -kubectl apply -f https://raw.githubusercontent.com/jetstack/cert-manager/release-0.12/deploy/manifests/00-crds.yaml +kubectl apply -f https://raw.githubusercontent.com/jetstack/cert-manager/release-0.14/deploy/manifests/00-crds.yaml # **Important:** # If you are running Kubernetes v1.15 or below, you @@ -114,7 +114,7 @@ helm repo update helm install \ cert-manager jetstack/cert-manager \ --namespace cert-manager \ - --version v0.12.0 + --version v0.14.2 ``` Once you’ve installed cert-manager, you can verify it is deployed correctly by checking the cert-manager namespace for running pods: diff --git a/content/rancher/v2.x/en/installation/options/air-gap-helm2/install-rancher/_index.md b/content/rancher/v2.x/en/installation/options/air-gap-helm2/install-rancher/_index.md index f5895de9604..ccce961fac3 100644 --- a/content/rancher/v2.x/en/installation/options/air-gap-helm2/install-rancher/_index.md +++ b/content/rancher/v2.x/en/installation/options/air-gap-helm2/install-rancher/_index.md @@ -87,12 +87,12 @@ By default, Rancher generates a CA and uses cert-manager to issue the certificat 1. Fetch the latest cert-manager chart available from the [Helm chart repository](https://hub.helm.sh/charts/jetstack/cert-manager). ```plain - helm fetch jetstack/cert-manager --version v0.12.0 + helm fetch jetstack/cert-manager --version v0.14.2 ``` 1. Render the cert manager template with the options you would like to use to install the chart. Remember to set the `image.repository` option to pull the image from your private registry. This will create a `cert-manager` directory with the Kubernetes manifest files. ```plain - helm template ./cert-manager-v0.12.0.tgz --output-dir . \ + helm template ./cert-manager-v0.14.2.tgz --output-dir . \ --name cert-manager --namespace cert-manager \ --set image.repository=/quay.io/jetstack/cert-manager-controller --set webhook.image.repository=/quay.io/jetstack/cert-manager-webhook @@ -101,7 +101,7 @@ By default, Rancher generates a CA and uses cert-manager to issue the certificat 1. Download the required CRD file for cert-manager ```plain - curl -L -o cert-manager/cert-manager-crd.yaml https://raw.githubusercontent.com/jetstack/cert-manager/release-0.12/deploy/manifests/00-crds.yaml + curl -L -o cert-manager/cert-manager-crd.yaml https://raw.githubusercontent.com/jetstack/cert-manager/release-0.14/deploy/manifests/00-crds.yaml ``` 1. Render the Rancher template, declaring your chosen options. Use the reference table below to replace each placeholder. Rancher needs to be configured to use the private registry in order to provision any Rancher launched Kubernetes clusters or Rancher tools. diff --git a/content/rancher/v2.x/en/installation/options/air-gap-helm2/populate-private-registry/_index.md b/content/rancher/v2.x/en/installation/options/air-gap-helm2/populate-private-registry/_index.md index cb9f4698034..0a57f137dc8 100644 --- a/content/rancher/v2.x/en/installation/options/air-gap-helm2/populate-private-registry/_index.md +++ b/content/rancher/v2.x/en/installation/options/air-gap-helm2/populate-private-registry/_index.md @@ -56,7 +56,7 @@ In a Kubernetes Install, if you elect to use the Rancher default self-signed TLS ```plain helm repo add jetstack https://charts.jetstack.io helm repo update - helm fetch jetstack/cert-manager --version v0.12.0 + helm fetch jetstack/cert-manager --version v0.14.2 helm template ./cert-manager-.tgz | grep -oP '(?<=image: ").*(?=")' >> ./rancher-images.txt ``` @@ -220,7 +220,7 @@ The workstation must have Docker 18.02+ in order to support manifests, which are ```plain helm repo add jetstack https://charts.jetstack.io helm repo update - helm fetch jetstack/cert-manager --version v0.12.0 + helm fetch jetstack/cert-manager --version v0.14.2 helm template ./cert-manager-.tgz | grep -oP '(?<=image: ").*(?=")' >> ./rancher-images.txt ``` diff --git a/content/rancher/v2.x/en/installation/options/helm2/helm-rancher/_index.md b/content/rancher/v2.x/en/installation/options/helm2/helm-rancher/_index.md index 239ed927a3b..8b88fff925a 100644 --- a/content/rancher/v2.x/en/installation/options/helm2/helm-rancher/_index.md +++ b/content/rancher/v2.x/en/installation/options/helm2/helm-rancher/_index.md @@ -79,7 +79,7 @@ These instructions are adapted from the [official cert-manager documentation](ht helm install \ --name cert-manager \ --namespace cert-manager \ - --version v0.12.0 \ + --version v0.14.2 \ jetstack/cert-manager ``` diff --git a/content/rancher/v2.x/en/installation/options/upgrading-cert-manager/_index.md b/content/rancher/v2.x/en/installation/options/upgrading-cert-manager/_index.md index 83bce83066b..b6c3963fd9c 100644 --- a/content/rancher/v2.x/en/installation/options/upgrading-cert-manager/_index.md +++ b/content/rancher/v2.x/en/installation/options/upgrading-cert-manager/_index.md @@ -62,7 +62,7 @@ In order to upgrade cert-manager, follow these instructions: 1. Install the CustomResourceDefinition resources separately ```plain - kubectl apply -f https://raw.githubusercontent.com/jetstack/cert-manager/release-0.12/deploy/manifests/00-crds.yaml + kubectl apply -f https://raw.githubusercontent.com/jetstack/cert-manager/release-0.14/deploy/manifests/00-crds.yaml ``` > **Note:** @@ -92,7 +92,7 @@ In order to upgrade cert-manager, follow these instructions: helm install \ cert-manager jetstack/cert-manager \ --namespace cert-manager \ - --version v0.12.0 + --version v0.14.2 ``` 1. [Restore back up resources](https://cert-manager.io/docs/tutorials/backup/#restoring-resources) @@ -120,7 +120,7 @@ Before you can perform the upgrade, you must prepare your air gapped environment 1. Fetch the latest cert-manager chart available from the [Helm chart repository](https://hub.helm.sh/charts/jetstack/cert-manager). ```plain - helm fetch jetstack/cert-manager --version v0.12.0 + helm fetch jetstack/cert-manager --version v0.14.2 ``` 1. Render the cert manager template with the options you would like to use to install the chart. Remember to set the `image.repository` option to pull the image from your private registry. This will create a `cert-manager` directory with the Kubernetes manifest files. @@ -128,7 +128,7 @@ Before you can perform the upgrade, you must prepare your air gapped environment The Helm 3 command is as follows: ```plain - helm template cert-manager ./cert-manager-v0.12.0.tgz --output-dir . \ + helm template cert-manager ./cert-manager-v0.14.2.tgz --output-dir . \ --namespace cert-manager \ --set image.repository=/quay.io/jetstack/cert-manager-controller --set webhook.image.repository=/quay.io/jetstack/cert-manager-webhook @@ -138,7 +138,7 @@ Before you can perform the upgrade, you must prepare your air gapped environment The Helm 2 command is as follows: ```plain - helm template ./cert-manager-v0.12.0.tgz --output-dir . \ + helm template ./cert-manager-v0.14.2.tgz --output-dir . \ --name cert-manager --namespace cert-manager \ --set image.repository=/quay.io/jetstack/cert-manager-controller --set webhook.image.repository=/quay.io/jetstack/cert-manager-webhook @@ -148,7 +148,7 @@ Before you can perform the upgrade, you must prepare your air gapped environment 1. Download the required CRD file for cert-manager (old and new) ```plain - curl -L -o cert-manager/cert-manager-crd.yaml https://raw.githubusercontent.com/jetstack/cert-manager/release-0.12/deploy/manifests/00-crds.yaml + curl -L -o cert-manager/cert-manager-crd.yaml https://raw.githubusercontent.com/jetstack/cert-manager/release-0.14/deploy/manifests/00-crds.yaml curl -L -o cert-manager/cert-manager-crd-old.yaml https://raw.githubusercontent.com/jetstack/cert-manager/release-X.Y/deploy/manifests/00-crds.yaml ``` diff --git a/content/rancher/v2.x/en/installation/options/upgrading-cert-manager/helm-2-instructions/_index.md b/content/rancher/v2.x/en/installation/options/upgrading-cert-manager/helm-2-instructions/_index.md index 3299f50c08d..ac18dbf95d3 100644 --- a/content/rancher/v2.x/en/installation/options/upgrading-cert-manager/helm-2-instructions/_index.md +++ b/content/rancher/v2.x/en/installation/options/upgrading-cert-manager/helm-2-instructions/_index.md @@ -74,7 +74,7 @@ In order to upgrade cert-manager, follow these instructions: 1. Install the new version of cert-manager ```plain - helm install --version 0.12.0 --name cert-manager --namespace kube-system jetstack/cert-manager + helm install --version 0.14.2 --name cert-manager --namespace kube-system jetstack/cert-manager ``` {{% /accordion %}} @@ -95,13 +95,13 @@ Before you can perform the upgrade, you must prepare your air gapped environment 1. Fetch the latest cert-manager chart available from the [Helm chart repository](https://hub.helm.sh/charts/jetstack/cert-manager). ```plain - helm fetch jetstack/cert-manager --version v0.12.0 + helm fetch jetstack/cert-manager --version v0.14.2 ``` 1. Render the cert manager template with the options you would like to use to install the chart. Remember to set the `image.repository` option to pull the image from your private registry. This will create a `cert-manager` directory with the Kubernetes manifest files. ```plain - helm template ./cert-manager-v0.12.0.tgz --output-dir . \ + helm template ./cert-manager-v0.14.2.tgz --output-dir . \ --name cert-manager --namespace kube-system \ --set image.repository=/quay.io/jetstack/cert-manager-controller --set webhook.image.repository=/quay.io/jetstack/cert-manager-webhook diff --git a/content/rancher/v2.x/en/installation/other-installation-methods/air-gap/install-rancher/_index.md b/content/rancher/v2.x/en/installation/other-installation-methods/air-gap/install-rancher/_index.md index bb1b4ae209c..eb2d3ab49ef 100644 --- a/content/rancher/v2.x/en/installation/other-installation-methods/air-gap/install-rancher/_index.md +++ b/content/rancher/v2.x/en/installation/other-installation-methods/air-gap/install-rancher/_index.md @@ -88,12 +88,12 @@ By default, Rancher generates a CA and uses cert-manager to issue the certificat 1. Fetch the latest cert-manager chart available from the [Helm chart repository](https://hub.helm.sh/charts/jetstack/cert-manager). ```plain - helm fetch jetstack/cert-manager --version v0.12.0 + helm fetch jetstack/cert-manager --version v0.14.2 ``` 1. Render the cert manager template with the options you would like to use to install the chart. Remember to set the `image.repository` option to pull the image from your private registry. This will create a `cert-manager` directory with the Kubernetes manifest files. ```plain - helm template cert-manager ./cert-manager-v0.12.0.tgz --output-dir . \ + helm template cert-manager ./cert-manager-v0.14.2.tgz --output-dir . \ --namespace cert-manager \ --set image.repository=/quay.io/jetstack/cert-manager-controller \ --set webhook.image.repository=/quay.io/jetstack/cert-manager-webhook \ @@ -102,7 +102,7 @@ By default, Rancher generates a CA and uses cert-manager to issue the certificat 1. Download the required CRD file for cert-manager ```plain - curl -L -o cert-manager/cert-manager-crd.yaml https://raw.githubusercontent.com/jetstack/cert-manager/release-0.12/deploy/manifests/00-crds.yaml + curl -L -o cert-manager/cert-manager-crd.yaml https://raw.githubusercontent.com/jetstack/cert-manager/release-0.14/deploy/manifests/00-crds.yaml ``` 1. Render the Rancher template, declaring your chosen options. Use the reference table below to replace each placeholder. Rancher needs to be configured to use the private registry in order to provision any Rancher launched Kubernetes clusters or Rancher tools. diff --git a/content/rancher/v2.x/en/installation/other-installation-methods/air-gap/populate-private-registry/_index.md b/content/rancher/v2.x/en/installation/other-installation-methods/air-gap/populate-private-registry/_index.md index a7b4e8be62c..1473ef1b21e 100644 --- a/content/rancher/v2.x/en/installation/other-installation-methods/air-gap/populate-private-registry/_index.md +++ b/content/rancher/v2.x/en/installation/other-installation-methods/air-gap/populate-private-registry/_index.md @@ -57,7 +57,7 @@ In a Kubernetes Install, if you elect to use the Rancher default self-signed TLS ```plain helm repo add jetstack https://charts.jetstack.io helm repo update - helm fetch jetstack/cert-manager --version v0.12.0 + helm fetch jetstack/cert-manager --version v0.14.2 helm template ./cert-manager-.tgz | grep -oP '(?<=image: ").*(?=")' >> ./rancher-images.txt ``` @@ -227,7 +227,7 @@ The workstation must have Docker 18.02+ in order to support manifests, which are ```plain helm repo add jetstack https://charts.jetstack.io helm repo update - helm fetch jetstack/cert-manager --version v0.12.0 + helm fetch jetstack/cert-manager --version v0.14.2 helm template ./cert-manager-.tgz | grep -oP '(?<=image: ").*(?=")' >> ./rancher-images.txt ``` From 9cc63b9c8420c1a9fc4001479b1290048c18d872 Mon Sep 17 00:00:00 2001 From: rawmind0 Date: Fri, 17 Apr 2020 20:48:50 +0200 Subject: [PATCH 2/2] Updated cert-manager upgrade info --- .../options/upgrading-cert-manager/_index.md | 11 +++++++++-- .../helm-2-instructions/_index.md | 7 +++++++ 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/content/rancher/v2.x/en/installation/options/upgrading-cert-manager/_index.md b/content/rancher/v2.x/en/installation/options/upgrading-cert-manager/_index.md index b6c3963fd9c..b6ac9f49bed 100644 --- a/content/rancher/v2.x/en/installation/options/upgrading-cert-manager/_index.md +++ b/content/rancher/v2.x/en/installation/options/upgrading-cert-manager/_index.md @@ -8,6 +8,7 @@ Rancher uses cert-manager to automatically generate and renew TLS certificates f 1. [Let's Encrypt will be blocking cert-manager instances older than 0.8.0 starting November 1st 2019.](https://community.letsencrypt.org/t/blocking-old-cert-manager-versions/98753) 1. [Cert-manager is deprecating and replacing the certificate.spec.acme.solvers field](https://cert-manager.io/docs/installation/upgrading/upgrading-0.7-0.8/). This change has no exact deadline. 1. [Cert-manager is deprecating `v1alpha1` API and replacing its API group](https://cert-manager.io/docs/installation/upgrading/upgrading-0.10-0.11/) +1. [Cert-manager is changing the Deployment selector](https://cert-manager.io/docs/installation/upgrading/upgrading-0.13-0.14/) To address these changes, this guide will do two things: @@ -18,8 +19,8 @@ To address these changes, this guide will do two things: > If you are currently running the cert-manger whose version is older than v0.11, and want to upgrade both Rancher and cert-manager to a newer version, you need to reinstall both of them: > 1. Take a one-time snapshot of your Kubernetes cluster running Rancher server -> 2. Uninstall Rancher, cert-manager, and the CustomResourceDefinition for cert-manager -> 3. Install the newer version of Rancher and cert-manager +> 2. Uninstall Rancher, cert-manager and the CustomResourceDefinition for cert-manager +> 3. Install the new CustomResourceDefinition for cert-manager, cert-manager and the newer version of Rancher > The reason is that when Helm upgrades Rancher, it will reject the upgrade and show error messages if the running Rancher app does not match the chart template used to install it. Because cert-manager changed its API group and we cannot modify released charts for Rancher, there will always be a mismatch on the cert-manager's API version, therefore the upgrade will be rejected. @@ -27,6 +28,10 @@ To address these changes, this guide will do two things: ## Upgrade Cert-Manager Only +If you are running cert-manager version 0.11.x or above, please follow official [upgrading doc](https://cert-manager.io/docs/installation/upgrading/#upgrading-with-helm) to upgrade it using helm. + +Continue reading if you are comming from a cert-manager version older than 0.11 + > **Note:** > These instructions are applied if you have no plan to upgrade Rancher. @@ -233,5 +238,7 @@ We have also removed support for the old configuration format that was deprecate Details about the change and migration instructions can be found in the [cert-manager v0.10 to v0.11 upgrade instructions](https://cert-manager.io/docs/installation/upgrading/upgrading-0.10-0.11/). +Details about the change and migration instructions can be found in the [cert-manager v0.13 to v0.14 upgrade instructions](https://cert-manager.io/docs/installation/upgrading/upgrading-0.13-0.14/). + More info about [cert-manager upgrade information](https://cert-manager.io/docs/installation/upgrading/). diff --git a/content/rancher/v2.x/en/installation/options/upgrading-cert-manager/helm-2-instructions/_index.md b/content/rancher/v2.x/en/installation/options/upgrading-cert-manager/helm-2-instructions/_index.md index ac18dbf95d3..fc999325d1b 100644 --- a/content/rancher/v2.x/en/installation/options/upgrading-cert-manager/helm-2-instructions/_index.md +++ b/content/rancher/v2.x/en/installation/options/upgrading-cert-manager/helm-2-instructions/_index.md @@ -8,6 +8,7 @@ Rancher uses cert-manager to automatically generate and renew TLS certificates f 1. [Let's Encrypt will be blocking cert-manager instances older than 0.8.0 starting November 1st 2019.](https://community.letsencrypt.org/t/blocking-old-cert-manager-versions/98753) 1. [Cert-manager is deprecating and replacing the certificate.spec.acme.solvers field](https://docs.cert-manager.io/en/latest/tasks/upgrading/upgrading-0.7-0.8.html#upgrading-from-v0-7-to-v0-8). This change has no exact deadline. 1. [Cert-manager is deprecating `v1alpha1` API and replacing its API group](https://cert-manager.io/docs/installation/upgrading/upgrading-0.10-0.11/) +1. [Cert-manager is changing the Deployment selector](https://cert-manager.io/docs/installation/upgrading/upgrading-0.13-0.14/) To address these changes, this guide will do two things: @@ -27,6 +28,10 @@ To address these changes, this guide will do two things: ## Upgrade Cert-Manager Only +If you are running cert-manager version 0.11.x or above, please follow official [upgrading doc](https://cert-manager.io/docs/installation/upgrading/#upgrading-with-helm) to upgrade it using helm. + +Continue reading if you are comming from a cert-manager version older than 0.11 + > **Note:** > These instructions are applied if you have no plan to upgrade Rancher. @@ -180,4 +185,6 @@ We have also removed support for the old configuration format that was deprecate Details about the change and migration instructions can be found in the [cert-manager v0.10 to v0.11 upgrade instructions](https://cert-manager.io/docs/installation/upgrading/upgrading-0.10-0.11/). +Details about the change and migration instructions can be found in the [cert-manager v0.13 to v0.14 upgrade instructions](https://cert-manager.io/docs/installation/upgrading/upgrading-0.13-0.14/). + For information on upgrading from all other versions of cert-manager, refer to the [official documentation](https://cert-manager.io/docs/installation/upgrading/).