I have a confession. I'm running a virtual F5 at home as a lab device and ingress controller but it does not have any legitimate management certificate.
<Pause for rotten tomatoes...>
However, I do run a Kubernetes kluster with cert-manager and it automates certificate signing via Let's Encrypt and GCP so I figured maybe it'd be nice to write some sort of K8s Webhook or BatchJob which manages certificates on F5 devices.
I know there are ACME scripts for this and code examples using ie. Python but I want to do this in my Kubernetes cluster.
My questions are: Has anyone done this before? If so, want to share the code? If not, would anyone be interested in using this?
Naturally it'd be published on GitHub like all the other things I do, if I do it.
you're wanting to have a process in your cluster to manage/automate the certs on BIG-IP for container ingress services? I'm not sure all the pieces are there, but Sebastian wrote up using vault and AS3 in that regard, maybe something in there helpful toward achieving that?
I've found as3 a bit challenging to use in cases with shared partitions as it seems like it has to manage the whole partition, but my experience is very limited so I hope I'm wrong.
In this case it'd be ad-hoc cert management with the following DoD:
Certificates should be able to be managed in any partition, including common, and custom partitions
The partitions can have other types of configuration, only the certificates would be managed
Both Management and Traffic management certificates should be supported
