Traefik LetsEncrypt certificate in Helm Ingress

Question

I'm missing some form of configuration/knowledge when configuring an ingress through Helm for a chart.

I want to enable TLS for an existing chart which has the following values:

ingress:
  enabled: false
  annotations: {}
    # kubernetes.io/ingress.class: nginx
    # kubernetes.io/tls-acme: "true"
  path: /
  hosts:
    - chart-example.local
  tls: []
  #  - secretName: chart-example-tls
  #    hosts:
  #      - chart-example.local

From what I've read on the Traefik docs you can't use LetsEncrypt certificates in k8s secrets:

Only TLS certificates provided by users can be stored in Kubernetes Secrets. Let's Encrypt certificates cannot be managed in Kubernets Secrets yet.

What are my options here, do I overwrite the ingress and potentially mess with future helm upgrades or is annotations the way to go? If so an example would be great.

Answer 1

Only TLS certificates provided by users can be stored in Kubernetes Secrets. Let's Encrypt certificates cannot be managed in Kubernets Secrets yet.

It was discussed few times here, on stack. Maybe it will help you.

The most recommended solution is to use cert-manager instead of LetsEncrypt .

1. Traefik Ingress (Kubernetes) not receiving letsencrypt certificates

2. Let's Encrypt on Traefik with Helm

Also here is How to easily(ish!) get SSL/TLS configured for your web hosting needs using Traefik and cert-manager on Kubernetes article for you that shows everything is in details.