openshift4-ingress: A Commodore component to manage OpenShift 4 Ingress Controller

openshift4-ingress: A Commodore component to manage OpenShift 4 Ingress Controller is a Commodore component for Managing the OpenShift 4 ingress controller.

Wildcard Certificates

If no defaultCertificate is specified for an ingress controller, OpenShift 4 will create a cluster signed certificate for that ingress. Usually, that certificate isn’t deemed to be valid by browsers. On clouds providing DNS services that allow the use of dns-01-challenge, a Let’s Encrypt wildcard certificate is provisioned.

Supported DNS Services

The following DNS service providers are currently implemented:

  • GCP (tested)

  • AWS (untested)

  • Azure (untested)

If your cluster is running on a different cloud provider you must use one of the supported DNS01 providers in order to use Let’s Encrypt wildcard certificates.

Node Selector

A node selector is configured to only run the ingress controller pods on infra nodes. This helps to configure the load balancer on only a subset of the nodes.