cert manager controller #0
Deploy this charm on Kubernetes with the CLI. Find out how by reading the docs.
Description
Cert Manager Controller
- Tags:
- kubernetes ›
- certificates ›
Docker Resource Layer
This layer provides an interface for dealing with charm resources that are Docker images.
Usage
Using this layer generally consists of the following steps:
- Call
layer.docker_resource.fetch(resource_name)
- Wait for
layer.docker-resource.{resource_name}.available
- Call
layer.docker_resource.get_info(resource_name)
Alternatively, a resource can be marked with auto-fetch: true
in its
definition in metadata.yaml
, in which case it will automatically have
fetch()
called on it, if it is of type docker
. That way, you can
skip the first step and remove the need for an additional handler.
Example
Given a Kubernetes charm with the following resource definition in the
metadata.yaml
file:
name: my-charm
resources:
my-resource:
type: oci-image
auto-fetch: true
description: "The image for this charm"
The charm would then use the follow reactive code to use the Docker image resource:
from charms.reactive import when, when_not
from charms import layer
@when('layer.docker-resource.my-resource.available')
@when_not('charm.my-charm.started')
def start_container():
layer.status.maintenance('configuring container')
image_info = layer.docker-resource.get_info('my-resource')
layer.caas_base.pod_spec_set({
'containers': [
{
'name': 'my-service',
'imageDetails': {
'imagePath': image_info.registry_path,
'username': image_info.username,
'password': image_info.password,
},
'ports': [
{
'name': 'service',
'containerPort': 80,
},
],
},
],
})
layer.status.maintenance('creating container')
Reference
Methods
The methods available are:
-
charms.layer.docker-resource.fetch(resource_name)
Request that the given Docker image resource be fetched and validated. -
charms.layer.docker-resource.get_info(resource_name)
Return the image info object for the given resource.
Image Info Object
The image info object returned by get_info(resource_name)
is a DockerImageInfo
instance which has the following properties:
-
image_info.registry_path
This is the fully qualified registry path for the image. This will generally point to the controller or charm store, but may point directly to an external registry. -
image_info.username
The username needed to access the image on the registry, if any. -
image_info.password
The password needed to access the image on the registry, if any.
Reactive Flags
The flags set by this layer are:
-
layer.docker-resource.{resource_name}.fetched
Set as soon as the given resource has been requested by thefetch
method. -
layer.docker-resource.{resource_name}.available
Set when the given resource has been downloaded and is available. -
layer.docker-resource.{resource_name}.failed
Set when the given resource failed to download.
Status Messages
This layer will automatically set a maintenance status message while fetching
each resource, and a blocked status message if one or more resources fail to
be fetched. The statuses will be set using layer:status
to handle conflict
resolution.
You can disable automatic status messages from this layer by changing the layer
option set-status
to false
in your layer.yaml
.
Configuration
- acme-issuers
- (string) ACME issuers. See https://cert-manager.io/docs/configuration/acme/
- {}
- ca-issuers
- (string) CA issuers. See https://cert-manager.io/docs/configuration/ca/
- {}
- port
- (int) HTTP port
- 9402
- self-signed-issuers
- (string) Self-signed issuers. See https://cert-manager.io/docs/configuration/selfsigned/
- cert-manager-default: