Untitled

```bash
echo "apiVersion: certmanager.k8s.io/v1alpha1
kind: ClusterIssuer
metadata:
  name: letsencrypt-prod
spec:
  acme:
    server: https://acme-v02.api.letsencrypt.org/directory
    email: viktor@farcic.com
    privateKeySecretRef:
      name: letsencrypt-prod
    http01: {}" \
    | kubectl apply -f -

helm upgrade -i cert-manager \
    stable/cert-manager \
    --namespace df \
    --set ingressShim.defaultIssuerName=letsencrypt-prod \
    --set ingressShim.defaultIssuerKind=ClusterIssuer
```

After that, I created my Jenkins (and other apps). However, I use Helm, so I can't give you the exact definition. Here's the JSON output of my Jenkins Ingress.

```bash
kubectl -n cd get ing jenkins -o json
```

```
{
    "apiVersion": "extensions/v1beta1",
    "kind": "Ingress",
    "metadata": {
        "annotations": {
            "ingress.kubernetes.io/proxy-body-size": "50m",
            "ingress.kubernetes.io/proxy-request-buffering": "off",
            "ingress.kubernetes.io/ssl-redirect": "true",
            "kubernetes.io/ingress.class": "nginx",
            "kubernetes.io/ingress.global-static-ip-name": "df-ip",
            "kubernetes.io/tls-acme": "true",
            "nginx.ingress.kubernetes.io/proxy-body-size": "50m",
            "nginx.ingress.kubernetes.io/proxy-request-buffering": "off",
            "nginx.ingress.kubernetes.io/ssl-redirect": "true"
        },
        "creationTimestamp": "2018-08-23T19:40:40Z",
        "generation": 2,
        "name": "jenkins",
        "namespace": "cd",
        "resourceVersion": "6056868",
        "selfLink": "/apis/extensions/v1beta1/namespaces/cd/ingresses/jenkins",
        "uid": "6ab42d2a-a70c-11e8-9272-42010a8e0084"
    },
    "spec": {
        "rules": [
            {
                "host": "jenkins2.dockerflow.com",
                "http": {
                    "paths": [
                        {
                            "backend": {
                                "serviceName": "jenkins",
                                "servicePort": 8080
                            }
                        }
                    ]
                }
            }
        ],
        "tls": [
            {
                "hosts": [
                    "jenkins2.dockerflow.com"
                ],
                "secretName": "le-jenkins"
            }
        ]
    },
    "status": {
        "loadBalancer": {
            "ingress": [
                {
                    "ip": "35.237.214.0"
                }
            ]
        }
    }
}
```

The key is in the `"kubernetes.io/tls-acme": "true"` annotation and the `spec.tls` section.