To recap, we will be using the smallstep Public Key Infrastructure (PKI) to generate keys and certificates. The step CLI provides a helm chart for creating certificates:
- First, let's add the helm repository to get the chart:
$ helm repo add smallstep https://smallstep.github.io/helm-charts/
"smallstep" has been added to your repositories
- Now, check the helm repository list to view all recent charts:
$ helm repo list
NAME URL
stable https://kubernetes-charts.storage.googleapis.com
local http://127.0.0.1:8879/charts
smallstep https://smallstep.github.io/helm-charts/
nginx-stable https://helm.nginx.com/stable
kaal https://servicemeshbook.github.io/keepalived
- Update the helm repository with the smallstep chart:
$ helm repo update
Hang tight while we grab the latest from your chart repositories...
...Skip local chart repository
...Successfully got an update from the "smallstep" chart repository
...Successfully got an update from the "kaal" chart repository
...Successfully got an update from the "nginx-stable" chart repository
...Successfully got an update from the "stable" chart repository
Update Complete.
- Install a smallstep certificate through the newly added helm chart:
$ helm install --name step --namespace step smallstep/step-certificates
--set fullnameOverride="step" --set ca.db.enabled=false
- Finally, check the status of the step pods:
$ kubectl -n step get pods
NAME READY STATUS RESTARTS AGE
step-0 1/1 Running 0 2m17s
step-bdszd 0/1 Completed 0 2m17s
The smallstep certificate is now available.