Create OTEL CertsΒΆ
To generate the required OTEL certificates, follow these steps:
Create
otel-certs.yaml
file with the content below:Note: Make sure you update the
spec.issuerRef.name
,spec.issuerRef.kind
,spec.privateKey
based on the cert-manager configuration, see Configure Cert Managervi otel-certs.yaml
Content:
apiVersion: cert-manager.io/v1 kind: Certificate metadata: name: external-f5ingotelsvr spec: subject: countries: - US provinces: - Washington localities: - Seattle organizations: - F5 Networks organizationalUnits: - PD emailAddresses: - clientcert@f5net.com commonName: f5net.com # SecretName is the name of the secret resource that will be automatically created and managed by this Certificate resource. # It will be populated with a private key and certificate, signed by the denoted issuer. secretName: external-f5ingotelsvr-secret # IssuerRef is a reference to the issuer for this certificate. issuerRef: name: arm-ca-cluster-issuer kind: ClusterIssuer # Lifetime of the Certificate is 1 hour, not configurable duration: 2160h privateKey: rotationPolicy: Always encoding: PKCS1 algorithm: RSA size: 4096 --- apiVersion: cert-manager.io/v1 kind: Certificate metadata: name: external-otelsvr spec: subject: countries: - US provinces: - Washington localities: - Seattle organizations: - F5 Networks organizationalUnits: - PD emailAddresses: - clientcert@f5net.com commonName: f5net.com # SecretName is the name of the secret resource that will be automatically created and managed by this Certificate resource. # It will be populated with a private key and certificate, signed by the denoted issuer. secretName: external-otelsvr-secret # IssuerRef is a reference to the issuer for this certificate. issuerRef: name: arm-ca-cluster-issuer kind: ClusterIssuer # Lifetime of the Certificate is 1 hour, not configurable duration: 2160h privateKey: rotationPolicy: Always encoding: PKCS1 algorithm: RSA size: 4096
Apply the
otel-certs.yaml
in the namespace (either ondefault
orf5-utils
) where product needs to be installed.kubectl apply -f otel-certs.yaml -n default