cert-manager prometheus/grafana integration

README.md

@@ -4,6 +4,7 @@
     * [Configure upstream DNS-resolver](#upstream-dns-resolver)
     * [Change NodePort range](#nodeport-range)
     * [Clustering](#clustering)
+    * [Upgrade manually](#upgrade-manually)
   * [On Docker with k3d](#install-k3s-on-docker-k3d)
 * [Namespaces and resource limits](#namespaces-limits)
 * [Persistent volumes (StorageClass - dynamic provisioning)](#pv)
@@ -122,6 +123,19 @@ metadata:
     [...]
 ```
 
+### Upgrade cluster manually <a name="user-content-upgrade-manually"></a>
+Check out version you want to upgrade to: https://github.com/k3s-io/k3s/releases
+
+On master node:
+```
+curl -sfL https://get.k3s.io | INSTALL_K3S_VERSION=<VERSION> sh -
+```
+
+On any worker nodes:
+```
+curl -sfL https://get.k3s.io | INSTALL_K3S_VERSION=<VERSION> K3S_URL=https://<master-fqdn>:6443 K3S_TOKEN=<THE_TOKEN> sh -
+```
+
 ## On Docker with K3d <a name="user-content-install-k3s-on-docker-k3d"></a>
 K3d is a terraforming orchestrator which deploys a K3s cluster (masters and nodes) directly on docker without the need for virtual machines for each node (master/worker).
 
@@ -176,6 +190,8 @@ Read more about [AccessModes](https://kubernetes.io/docs/concepts/storage/persis
 https://rancher.com/docs/k3s/latest/en/storage/  
 Only supports *AccessMode*: ReadWriteOnce (RWO)
 
+If you want to disable the local
+
 ## Rancher Longhorn (distributed in local cluster) - MY FAVOURITE :-) <a name="user-content-pv-longhorn"></a>
 * Requirements: https://longhorn.io/docs/0.8.0/install/requirements/
   * Debian/Ubuntu: `apt install open-iscsi`
@@ -307,11 +323,21 @@ Docs: https://hub.helm.sh/charts/jetstack/cert-manager
 ```
 helm repo add jetstack https://charts.jetstack.io
 helm repo update
+
 kubectl apply --validate=false -f https://github.com/jetstack/cert-manager/releases/download/v1.0.2/cert-manager.crds.yaml
+
 kubectl create namespace cert-manager
-helm install cert-manager --namespace cert-manager --set 'extraArgs={--dns01-recursive-nameservers-only,--dns01-recursive-nameservers=8.8.8.8:53\,1.1.1.1:53}' jetstack/cert-manager
+
+helm upgrade --install cert-manager \
+  --namespace cert-manager \
+  --set 'extraArgs={--dns01-recursive-nameservers-only,--dns01-recursive-nameservers=8.8.8.8:53\,1.1.1.1:53}' \
+  -f https://gitea.zwackl.de/dominik/k3s/raw/branch/master/cert-manager-values.yaml \
+  jetstack/cert-manager
+
 kubectl -n cert-manager get all
 ```
+**Note:** The [values file](https://gitea.zwackl.de/dominik/k3s/raw/branch/master/cert-manager-values.yaml) enables prometheus metrics. The values file references prometheus with it´s instance name `prom-stack`. If you want to go without prometheus metrics, just use the upper helm command without the `-f <URI>` argument. Further information regarding cert-manager helm chart values can be found [here](https://github.com/cert-manager/cert-manager/blob/master/deploy/charts/cert-manager/README.template.md#configuration)
+
 ## Cluster-internal CA Issuer <a name="user-content-cert-manager-cluster-ca-issuer"></a>
 Docs: https://cert-manager.io/docs/configuration/ca/