Chart version: 0.1.2
Api version: v1
App version: n/a
A Helm chart for kube-Lego (Automatic Signed Certificates for I...
Chart Type
Set me up:
helm repo add center
Install Chart:
helm install kube-lego center/cloudposse/kube-lego
Versions (0)

Kube Lego

A Helm chart for kube-Lego that provides automatic signed certificates for Ingress resources in the deployed namespace.

Based on kube-lego by Jetstack.

Table of Contents

  • Quick start
  • Introduction
  • Prerequisites
  • Specific
  • Installing the Chart
  • Uninstalling the Chart
  • Configuration

Quick start

$ helm repo rm cloudposse-incubator 2>/dev/null
$ helm repo add cloudposse-incubator
$ helm install --namespace=kube-system --name kube-lego --set, incubator/kube-lego


This chart installs kube-lego on a Kubernetes cluster using the Helm package manager. It handles the exchange between the Let’s Encrypt API to generate signed SSL certificaes which get stored in Kubernetes secrets.

IMPORTANT Before you begin, we recommend you become familiar with the HARD rate limits here:

Do not generate prod certificates for testing or you’ll probably get rate limited! You’ve been warned.


  • Kubernetes 1.4+ with Beta APIs enabled


IMPORTANT: You should only deploy one kube-lego chart per cluster, therefore we recommend you choose the kube-system namespace.

Installing the Chart

Add the charts repo

$ helm repo rm cloudposse-incubator 2>/dev/null
$ helm repo add cloudposse-incubator

We recommend that you use the kube-system namespace, since there should only be one install per cluster.

To install the chart:

$ helm install --namespace=kube-system --name=kube-lego incubator/kube-lego

We recommend to use kube-lego as the release name.

The command deploys kube-lego on the Kubernetes cluster with the default configuration. The configuration section lists the parameters that can be configured during installation.

Tip: List all releases using helm list

Uninstalling the Chart

To uninstall/delete the kube-lego deployment:

$ helm delete --purge kube-lego

The command removes all the Kubernetes components associated with the chart and deletes the release.


The following tables lists the configurable parameters of the kube-lego chart and their default values.

Parameter Description Default
image.repository kube-lego image repository jetstack/kube-lego
image.tag kube-lego image tag 0.1.3
image.pullPolicy kube-lego image pull policy IfNotPresent Email to associate with requests to Let’s Encrypt REQUIRED TO BE SPECIFIED Whether or not to generate signed certificates false

The above parameters map to the env variables defined in cloudposse/kube-lego. For more information please refer to the cloudposse/kube-lego image and application documentation.

Specify each parameter using the --set key=value[,key=value] argument to helm install. For example,

$ helm install \
    --namespace kube-system
    --name kube-lego \
    --set, \

The above command sets the mode to false and the to

Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example,

$ helm install \
    --namespace kube-system \
    --name kube-lego \
    -f values.yaml \

Tip: You can use the default values.yaml as template to get you started.