This topic explains how to specify a custom Kubernetes namespace for cert-manager.
In most cases, cert-manager runs in the cert-manager namespace. Some users may have
company policies restricting the creation of new Kubernetes namespaces or have policies requiring
cert-manager to be run in a different namespace, for example kube-system.
Specify a custom namespace for cert-manager
- Create the namespace if needed:
kubectl create namespace new-cert-manager-namespace
- Install cert-manager following the instructions in Installation: Introduction in the cert-manager documentation.
- Add a
certManagerstanza to your overrides file.certManager: namespace: new-cert-manager-namespace - Apply the namespace change:
Helm
Test with a dry run first:
helm upgrade operator apigee-operator/ \ --install \ --namespace apigee-system \ --atomic \ -f OVERRIDES_FILE.yaml \ --dry-run
Apply the change:
helm upgrade operator apigee-operator/ \ --install \ --namespace apigee-system \ --atomic \ -f OVERRIDES_FILE.yaml
apigeectl$APIGEECTL_HOME/apigeectl init -f OVERRIDES_FILE.yaml
- Verify that cert-manager installed correctly in the new namespace with the
kubectl get podscommand:kubectl get pods -n new-cert-manager-namespace
NAME READY STATUS RESTARTS AGE cert-manager-1234567-abcde 1/1 Running 0 21s cert-manager-cainjector-23456789a-bcdef 1/1 Running 0 22s cert-manager-webhook-3456789ab-cdef0 1/1 Running 0 20s
- If cert manager had previoiusly been running, delete the
cert-managerinstance in thecert-managernamespace by following the instructions in Uninstall in the cert-manager documentation.