cert-manager with split-horizon DNS

2021-05-08 12:01:26 +02:00 · 2021-05-08 12:01:26 +02:00 · bcd9281213
commit bcd9281213
parent c696392831
1 changed files with 3 additions and 1 deletions
--- a/README.md
+++ b/README.md
@ -269,12 +269,14 @@ A possible fix: `kubectl -n ingress-nginx delete ValidatingWebhookConfiguration
 # Cert-Manager (references ingress controller) <a name="user-content-cert-manager"></a>
 ## Installation <a name="user-content-cert-manager-install"></a>
 Docs: https://hub.helm.sh/charts/jetstack/cert-manager
 **Note on split-horizon DNS**: If you are planning to use DNS-01 validation in term of [split-horizon-DNS](https://en.wikipedia.org/wiki/Split-horizon_DNS) you will need to specify an external DNS-resolver (Google, Cloudflare or your ISPs resolver) instead of your internal upstream DNS-resolver for DNS self-checks! Read [this](https://cert-manager.io/docs/configuration/acme/dns01/#setting-nameservers-for-dns01-self-check) for further details.
 ```
 helm repo add jetstack https://charts.jetstack.io
 helm repo update
 kubectl apply --validate=false -f https://github.com/jetstack/cert-manager/releases/download/v1.0.2/cert-manager.crds.yaml
 kubectl create namespace cert-manager
-helm install cert-manager --namespace cert-manager jetstack/cert-manager
+helm install cert-manager --namespace cert-manager --set 'extraArgs={--dns01-recursive-nameservers-only,--dns01-recursive-nameservers=8.8.8.8:53\,1.1.1.1:53}' jetstack/cert-manager
 kubectl -n cert-manager get all
 ```
 ## Let´s Encrypt issuer <a name="user-content-cert-manager-le-issuer"></a>