Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.futurex.com/llms.txt

Use this file to discover all available pages before exploring further.

This tutorial provides instructions for installing and configuring three popular Kubernetes distributions - Minikube, Microk8s, and K3s - with Futurex-specific TLS certificates and cert-manager integration. Follow these steps to set up a local Kubernetes environment for development and testing purposes.

Workflow Overview

  1. Install Core Dependencies: Install Docker, Kubectl, Helm, and cmctl as required.
  2. Select Kubernetes Distribution: Choose between Minikube, Microk8s, or K3s based on your use case.
  3. Install Selected Distribution: Follow the specific installation steps for your chosen Kubernetes distribution.
  4. Configure TLS Certificates: Install Futurex-specific TLS certificates for secure communication with the Futurex Docker registry.
  5. Install cert-manager: Deploy the cert-manager operator to handle TLS certificate provisioning.
  6. Install Futurex cert-manager Plugin: Deploy the Futurex-specific cert-manager issuer plugin.
  7. Validation: Verify all components are running correctly using kubectl commands.

Minikube

Minikube is a tool designed to run a single-node Kubernetes cluster locally on your machine, including Linux systems. It is primarily used by developers and those new to Kubernetes for learning, development, and testing purposes.

Libraries needed

  • cert-manager: A cloud-native certificate management service for Kubernetes. It automates the provisioning and management of Transport Layer Security (TLS) certificates by integrating with various certificate authorities (CAs). cert-manager ensures that certificates are automatically renewed before they expire, and it stores them as Kubernetes Secrets for applications to use.
  • Docker: An open-source platform designed to simplify the creation, deployment, and management of applications using containerization. Essentially, Docker allows you to package an application and all its dependencies (libraries, configurations, etc.) into a self-contained unit called a Docker container.
  • Kernel-based Virtual Machine (KVM): A virtualization technology built into the Linux kernel that turns a Linux machine into a hypervisor—allowing a single physical server to run multiple VMs.
  • Kubectl: A command-line tool for controlling Kubernetes clusters. It allows users to run commands against Kubernetes clusters, performing various operations.
  • Helm: A package manager for Kubernetes, a container orchestration system, that simplifies deploying and managing complex applications. It packages application resources into a single, reusable unit called a chart, which contains all the necessary configuration files to define, install, and upgrade an application. Very similar to Linux’s apt or yum software package manager.
  • cmctl: A command-line interface (CLI) tool designed to manage and configure cert-manager resources within a Kubernetes cluster.
  • curl: A command-line tool and library used for transferring data to or from a server using a variety of internet protocols, such as HTTP, HTTPS, FTP, and more. It is commonly used by developers for tasks like testing APIs, downloading files, and automating web requests because it is versatile, widely available, and efficient.

Installation Steps

1
Confirm virtualization supportCheck if the computer that will be running Minikube has virtualization support:
Bash
egrep -c '(vmx|svm)' /proc/cpuinfo
If the number is less than 1, then the computer doesn’t support virtualization.If Minikube is running on a VM, most likely, there is a virtualization feature that needs to be enabled. For example, in Oracle VirtualBox, the VM needs to be shut down. In the main VirtualBox menu, go to the Settings for that VM and select Expert at the top left. Then, under System > Processor, select the Enable PAE/NX and Enable Nest VT-x/AMD-V options.
2
Install DockerUpdate the system’s local package index:
Bash
sudo apt update
Install the following dependencies:
Bash
sudo apt install -y ca-certificates curl gnupg
Add Docker’s official GPG key:
Bash
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
sudo chmod a+r /etc/apt/keyrings/docker.gpg
Add Docker’s official repository:
Bash
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] \
  https://download.docker.com/linux/ubuntu \
  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
Install Docker Engine:
Bash
sudo apt update
sudo apt install -y \
  docker-ce docker-ce-cli containerd.io \
  docker-buildx-plugin docker-compose-plugin
The user must be added to docker group:
Bash
sudo usermod -aG docker $USER && newgrp docker
3
Install Minikube
Bash
curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64
sudo install minikube-linux-amd64 /usr/local/bin/minikube
To verify if Minikube is installed:
Bash
minikube version
4
Install Kubectl
Bash
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
To verify if Kubectl is installed:
Bash
kubectl version
5
Install cmctl
Bash
OS=$(uname -s | tr A-Z a-z); ARCH=$(uname -m | sed 's/x86_64/amd64/' | sed 's/aarch64/arm64/'); curl -fsSL -o cmctl https://github.com/cert-manager/cmctl/releases/latest/download/cmctl_${OS}_${ARCH}
chmod +x cmctl
sudo mv cmctl /usr/local/bin
# or `sudo mv cmctl /usr/local/bin/kubectl-cert_manager` to use `kubectl cert-manager` instead.
To check if cmctl is installed:
Bash
cmctl version
6
Install Helm
Bash
curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 > get_helm.sh
chmod 700 get_helm.sh
./get_helm.sh
To verify if Helm is installed:
Bash
helm version
7
Install Futurex’s Docker TLS certificates for Minikube environmentDownload the certificates to a local directory.Make a Minikube certificate directory (if there isn’t one already):
Bash
mkdir -p $HOME/.minikube/certs
Copy the certificates to the newly created directory:
Bash
cp Futurex_RSA_TLS_CA.pem $HOME/.minikube/certs/Futurex_RSA_TLS_CA.crt
8
Run Minikube with the required flags and addons
Bash
# Start local Kubernetes cluster
minikube start \
    --embed-certs \
    --driver=docker \
    --insecure-registry localhost:5000
    
# Start a docker registry
minikube addons enable registry
minikube addons enable metrics-server
helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
helm repo update
If you run into issues with enabling the Docker registry, try pulling the images manually:
Bash
minikube ssh
docker pull gcr.io/k8s-minikube/kube-registry-proxy:0.0.9
docker pull registry:3.0.0
# If running into issues with reaching unauthenticated pull rate limit - use docker login and log into a docker account
exit
minikube addons enable registry --images="Registry=docker.io/registry:3.0.0,KubeRegistryProxy=gcr.io/k8s-minikube/kube-registry-proxy:0.0.9"
9
Get the status of all the pods to confirm everything is running
Bash
kubectl get pods -A
10
Downloadcert-manager
Bash
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/latest/download/cert-manager.yaml
11
Download the Futurex cert-manager plugin into the local directory
Bash
wget -O cert-manager.tgz https://docker-registry.futurex.com/repository/futurex-helm-prod/cryptohub-cert-manager-issuer-0.2.0.tgz --no-check-certificate
Helm install the Futurex cert-manager plugin:
-n cert-manager puts the Futurex cert-manager plugin in the same namespace as the previously downloaded cert-manager.
Bash
helm install futurex-cert-manager ./cert-manager.tgz --set fullnameOverride="futurex-cert-manager" -n cert-manager
If successful, the output should look similar to below:
None
NAME: futurex-cert-manager
LAST DEPLOYED: Wed Oct 22 14:51:58 2025
NAMESPACE: cert-manager
STATUS: deployed
REVISION: 1
TEST SUITE: None

Microk8s

Microk8s is a lightweight, production-grade, and conformant Kubernetes distribution developed by Canonical. It is designed to simplify the deployment and management of Kubernetes, making it accessible for a wide range of use cases, including local development, edge computing, IoT devices, and small-scale production environments.

Libraries needed

  • cert-manager: A cloud-native certificate management service for Kubernetes. It automates the provisioning and management of Transport Layer Security (TLS) certificates by integrating with various certificate authorities (CAs). cert-manager ensures that certificates are automatically renewed before they expire, and it stores them as Kubernetes Secrets for applications to use.
  • Kubectl: A command-line tool for controlling Kubernetes clusters. It allows users to run commands against Kubernetes clusters, performing various operations.
  • Helm: A package manager for Kubernetes, a container orchestration system, that simplifies deploying and managing complex applications. It packages application resources into a single, reusable unit called a chart, which contains all the necessary configuration files to define, install, and upgrade an application. Very similar to Linux’s apt or yum software package manager.
  • curl: A command-line tool and library used for transferring data to or from a server using a variety of internet protocols, such as HTTP, HTTPS, FTP, and more. It is commonly used by developers for tasks like testing APIs, downloading files, and automating web requests because it is versatile, widely available, and efficient.

Installation steps

1
Install microk8s via snap
Bash
sudo snap install microk8s --classic
2
Installcurl
Bash
sudo apt install curl
3
Installcmctl
Bash
OS=$(uname -s | tr A-Z a-z); ARCH=$(uname -m | sed 's/x86_64/amd64/' | sed 's/aarch64/arm64/'); curl -fsSL -o cmctl https://github.com/cert-manager/cmctl/releases/latest/download/cmctl_${OS}_${ARCH}
chmod +x cmctl
sudo mv cmctl /usr/local/bin
# or `sudo mv cmctl /usr/local/bin/kubectl-cert_manager` to use `kubectl cert-manager` instead.
To check if cmctl is installed:
Bash
cmctl version
4
Downloadcert-manager
Bash
sudo microk8s kubectl apply -f https://github.com/cert-manager/cert-manager/releases/latest/download/cert-manager.yaml
5
Enable the Helm add-on
Bash
sudo microk8s enable helm
6
Install Futurex’s Docker TLS certificates for Microk8s environmentDownload the certificates to a local directory.Make a directory containing the Futurex docker-registry hostname:
Bash
sudo mkdir -p /var/snap/microk8s/current/args/certs.d/docker-registry.futurex.com
Copy the certs and change the file extensions from .pem to .crt in the newly-created directory:
Bash
sudo cp Futurex_RSA_TLS_CA.pem /var/snap/microk8s/current/args/certs.d/docker-registry.futurex.com/Futurex_RSA_TLS_CA.crt
7
Start Microk8s
Bash
sudo microk8s start
8
Download the Futurex cert-manager plugin into the local directory
Bash
wget -O cert-manager.tgz https://docker-registry.futurex.com/repository/futurex-helm-prod/cryptohub-cert-manager-issuer-0.2.0.tgz --no-check-certificate
Helm install the Futurex cert-manager:
-n cert-manager puts the Futurex cert-manager plugin in the same namespace as the previously downloaded cert-manager.
Bash
sudo microk8s helm install futurex-cert-manager ./cert-manager.tgz --set fullnameOverride="futurex-cert-manager" -n cert-manager
If successful, the output should look similar to below:
None
NAME: futurex-cert-manager
LAST DEPLOYED: Wed Oct 22 14:51:58 2025
NAMESPACE: cert-manager
STATUS: deployed
REVISION: 1
TEST SUITE: None

K3s

A lightweight, certified Kubernetes distribution for managing containers that is optimized for resource-constrained environments like IoT and edge computing. It is packaged as a single binary and includes all necessary components, such as a container runtime, network, and DNS, making it much simpler to install and run than standard Kubernetes. K3s uses a simplified architecture, with the control plane and worker node components built into single binaries. There are 2 ways to setup K3s:
  • Local testing setup: Run K3s on a single device using Docker containers to simulate multiple cluster nodes. This is ideal for quick testing and development without extra hardware.
  • Multi-device setup: Install K3s as a service on multiple physical or virtual machines. This configuration mirrors a real distributed cluster and can be used for staging or production deployments, especially in edge, IoT, or lightweight server environments.
Both approaches are shown below.

Single device testing (using Docker)

Libraries needed

  • Docker: An open-source platform designed to simplify the creation, deployment, and management of applications using containerization. Essentially, Docker allows you to package an application and all its dependencies (libraries, configurations, etc.) into a self-contained unit called a Docker container.
  • Kubectl: A command-line tool for controlling Kubernetes clusters. It allows users to run commands against Kubernetes clusters, performing various operations.
  • cmctl: A command-line interface (CLI) tool designed to manage and configure cert-manager resources within a Kubernetes cluster.
  • Helm: A package manager for Kubernetes, a container orchestration system, that simplifies deploying and managing complex applications. It packages application resources into a single, reusable unit called a chart, which contains all the necessary configuration files to define, install, and upgrade an application. Very similar to Linux’s apt or yum software package manager.
  • curl: A command-line tool and library used for transferring data to or from a server using a variety of internet protocols, such as HTTP, HTTPS, FTP, and more. It is commonly used by developers for tasks like testing APIs, downloading files, and automating web requests because it is versatile, widely available, and efficient.

Installation steps

1
Install DockerUpdate the system’s local package index:
Bash
sudo apt update
Install the following dependencies:
Bash
sudo apt install -y ca-certificates curl gnupg
Add Docker’s official GPG key:
Bash
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
sudo chmod a+r /etc/apt/keyrings/docker.gpg
Add Docker’s official repository:
Bash
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] \
  https://download.docker.com/linux/ubuntu \
  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
Install Docker Engine:
Bash
sudo apt update
sudo apt install -y \
  docker-ce docker-ce-cli containerd.io \
  docker-buildx-plugin docker-compose-plugin
The user must be added to docker group:
Bash
sudo usermod -aG docker $USER && newgrp docker
2
Install Kubectl
Bash
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
To verify Kubectl is installed:
Bash
kubectl version
3
Installcmctl
Bash
OS=$(uname -s | tr A-Z a-z); ARCH=$(uname -m | sed 's/x86_64/amd64/' | sed 's/aarch64/arm64/'); curl -fsSL -o cmctl https://github.com/cert-manager/cmctl/releases/latest/download/cmctl_${OS}_${ARCH}
chmod +x cmctl
sudo mv cmctl /usr/local/bin
# or `sudo mv cmctl /usr/local/bin/kubectl-cert_manager` to use `kubectl cert-manager` instead.
To verify cmctl is installed:
Bash
cmctl version
4
Install Helm
Bash
curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 > get_helm.sh
chmod 700 get_helm.sh
./get_helm.sh
To verify Helm is installed:
Bash
helm version
5
Create a Docker network
Bash
docker network create k3s-net
6
Install Futurex’s Docker TLS certificates for K3s environmentDownload the certificates to a local directory.Change the file extensions from .pem to .crt:
Bash
mv Futurex_RSA_TLS_CA.pem Futurex_RSA_TLS_CA.crt
Take note of the full path to the .crt file as this will be needed for the next command.
7
Set up the K3s server
Bash
docker run -d --name k3s-server \
   --privileged \
   -p 6443:6443 \
   -v k3s-data:/var/lib/rancher/k3s \
   -v <Full_Path_To>/Futurex_RSA_TLS_CA.crt:/etc/ssl/certs/Futurex_RSA_TLS_CA.crt:ro \
   --network k3s-net \
   --hostname k3s-server \
   rancher/k3s server \
   --node-name k3s-server
  • -d: Runs the container in detached mode, runs the container in the background.
  • --name: Name of the container so that it can be easily referenced by Docker.
  • --privileged: Gives the container extended privileges. Needed for K3s to access system resources like network interfaces, cgroups, and mount points in the container.
  • -p: Maps host port to the container port. (Note: Port 6443 is the default Kubernetes API server port.)
  • -v: Mounts a Docker volume with a specified name (e.g., k3s-data) into the container at a specified location (e.g., /var/lib/rancher/k3s). This is where K3s store persistent data like etcd or kubelet data. The second -v line mounts the Futurex TLS certificate into the proper place for k3s-server.
  • --network:Connects the container to a user-defined Docker network (e.g., k3s-net) so other containers can communicate with it.
  • --hostname: Sets the hostname inside the container (e.g., k3s-server). (Note: K3s uses this as the node name if you don’t override it.)
  • --node-name: Sets the node name that appears in Kubernetes.
8
Configure Kubectl accessThis copies the k3s.yaml configuration file to the current directory and then sets the kubectl environmental variable to that file.
Bash
docker cp k3s-server:/etc/rancher/k3s/k3s.yaml ./k3s.yaml
export KUBECONFIG=./k3s.yaml
Run the command to find out if the server node is active:
Bash
kubectl get nodes
If the node is ready, the output should look similar to below:
None
NAME                   STATUS   ROLES           AGE     VERSION
k3s-server             Ready    control-plane   2m     v1.34.1+k3s1
9
Set up the K3s workerRetrieve the server node token. Agents require a token to authenticate with the server. To extract it from the server container:
Bash
docker exec k3s-server cat /var/lib/rancher/k3s/server/node-token
It should look similar to:
K106366b56a682885fc75a691d2d6a852ee95065e478a7ec37a802c57857727ba41::server\:e2aff656ff80197f9c8ad22c6927e742
Copy that token as the value for the --token flag:
Bash
docker run -d \
     --name k3s-agent-1 \
     --privileged \
     --network k3s-net \
     --hostname k3s-agent-1 \
     rancher/k3s agent \
     --server https://k3s-server:6443 \
     --token <Server_Token> \
     --node-name k3s-agent-1
  • -d: Runs the container in detached mode, runs the container in the background.
  • --name: Name of the container so that it can be easily referenced by Docker.
  • --privileged: Gives the container extended privileges. Needed for K3s to access system resources like network interfaces, cgroups, and mount points in the container.
  • --network: Connects the container to a user-defined Docker network (e.g., k3s-net) so other containers can communicate with it.
  • --hostname: Sets the hostname inside the container (e.g., k3s-agent-1). Note: K3s uses this as the node name if you don’t override it.
  • --server: Specifies the address of the K3s server that this agent should connect to. (Note: Use the hostname or IP of the K3s server reachable from this container.)
  • --token: The node registration token uses to authenticate this agent with the K3s server.
  • --node-name: Sets the node name that appears in Kubernetes.
If the node is ready, running the command kubectl get nodes should provide an output similar to below
None
NAME                   STATUS   ROLES           AGE     VERSION
k3s-agent-1            Ready    <none>          2m      v1.34.1+k3s1
k3s-server             Ready    control-plane   5m      v1.34.1+k3s1
10
Downloadcert-manager
Bash
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/latest/download/cert-manager.yaml
After waiting about 10 seconds, check if cert-manager was installed correctly.
Bash
kubectl get pods -n cert-manager
The output should look similar to below:
None
NAMESPACE      NAME                                       READY   STATUS    RESTARTS       AGE
cert-manager   cert-manager-69fd4bc5fc-9xg24              1/1     Running   0              16s
cert-manager   cert-manager-cainjector-85b6d7fc67-rbwq2   1/1     Running   0              16s
cert-manager   cert-manager-webhook-cfbc49fc8-blg9v       1/1     Running   0              16s
11
Download the Futurex cert-manager plugin into the local directory
Bash
wget -O cert-manager.tgz https://docker-registry.futurex.com/repository/futurex-helm-prod/cryptohub-cert-manager-issuer-0.2.0.tgz --no-check-certificate
Helm install the Futurex cert-manager.
Bash
helm install futurex-cert-manager ./cert-manager.tgz --set fullnameOverride="futurex-cert-manager" -n cert-manager
-n cert-manager puts the Futurex cert-manager plugin in the same namespace as the previously downloaded cert-manager.
To check if the install was successful, run:
Shell
kubectl get pods -n cert-manager
The output should look similar to below:
None
NAME                                                      READY   STATUS    RESTARTS   AGE
cert-manager-7f6864ff99-sqxhf                             1/1     Running   0          76s
cert-manager-cainjector-6595c6777-88x7g                   1/1     Running   0          76s
cert-manager-webhook-58fd9998b4-pc56t                     1/1     Running   0          76s
futurex-cert-manager-controller-manager-cdfdd7c6d-l4pld   1/1     Running   0          15s

Multi-device testing

Libraries Needed

  • Kubectl: A command-line tool for controlling Kubernetes clusters. It allows users to run commands against Kubernetes clusters, performing various operations.
  • cmctl: A command-line interface (CLI) tool designed to manage and configure cert-manager resources within a Kubernetes cluster.
  • Helm: A package manager for Kubernetes, a container orchestration system, that simplifies deploying and managing complex applications. It packages application resources into a single, reusable unit called a chart which contains all the necessary configuration files to define, install, and upgrade an application. Very similar to Linux’s apt or yum software package manager.
  • curl: A command-line tool and library used for transferring data to or from a server using a variety of internet protocols, such as HTTP, HTTPS, FTP, and more. It is commonly used by developers for tasks like testing APIs, downloading files, and automating web requests because it is versatile, widely available, and efficient.

Installation steps

1
On the server machine, installcurl
Bash
sudo apt install curl
2
Install Kubectl
Bash
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
To verify if Kubectl is installed:
Bash
kubectl version
3
Installcmctl
Bash
OS=$(uname -s | tr A-Z a-z); ARCH=$(uname -m | sed 's/x86_64/amd64/' | sed 's/aarch64/arm64/'); curl -fsSL -o cmctl https://github.com/cert-manager/cmctl/releases/latest/download/cmctl_${OS}_${ARCH}
chmod +x cmctl
sudo mv cmctl /usr/local/bin
# or `sudo mv cmctl /usr/local/bin/kubectl-cert_manager` to use `kubectl cert-manager` instead.
To verify cmctl is installed:
Bash
cmctl version
4
Install Helm
Bash
curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 > get_helm.sh
chmod 700 get_helm.sh
./get_helm.sh
To check if Helm is installed:
Bash
helm version
5
Download and install K3s for the server (master) device
Bash
curl -sfL https://get.k3s.io | sh -
6
k3s.yaml is a Kubernetes kubeconfig file that K3s generates for the cluster. It is originally owned by root user. It is recommended to copy the configuration file to a secure location and change the permissions to only allow the specified user read and write access.
The k3s.yaml contains sensitive information about the cluster. Follow best security practices to secure this file.
Bash
sudo cp /etc/rancher/k3s/k3s.yaml /path/to/secure/location
sudo chown $USER:$USER /path/to/secure/location/k3s.yaml
Export the KUBECONFIG environment variable so that the current user can use kubectl and helm.
Bash
export KUBECONFIG=/path/to/secure/location/k3s.yaml
7
Install Futurex’s Docker TLS certificates for K3s environmentDownload the certificates to a local directory.Change the file extensions from .pem to .crt:
Bash
mv Futurex_RSA_TLS_CA.pem Futurex_RSA_TLS_CA.crt
Move the .crt file to:
Bash
sudo cp Futurex_RSA_TLS_CA.crt /usr/local/share/ca-certificates/
sudo update-ca-certificates
sudo systemctl daemon-reload
sudo systemctl restart k3s
8
Downloadcert-manager
Bash
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/latest/download/cert-manager.yaml
After about 10 seconds, check if it is installed correctly:
Bash
kubectl get pods -n cert-manager
The output should be similar to the below:
None
NAMESPACE      NAME                                       READY   STATUS    RESTARTS       AGE
cert-manager   cert-manager-69fd4bc5fc-9xg24              1/1     Running   0              16s
cert-manager   cert-manager-cainjector-85b6d7fc67-rbwq2   1/1     Running   0              16s
cert-manager   cert-manager-webhook-cfbc49fc8-blg9v       1/1     Running   0              16s
9
Download the Futurex cert-manager plugin to the local directory
Bash
wget -O cert-manager.tgz https://docker-registry.futurex.com/repository/futurex-helm-prod/cryptohub-cert-manager-issuer-0.2.0.tgz --no-check-certificate
Helm install the Futurex cert-manager.
-n cert-manager puts the Futurex cert-manager plugin in the same namespace as the previously downloaded cert-manager.
Bash
helm install futurex-cert-manager ./cert-manager.tgz --set fullnameOverride="futurex-cert-manager" -n cert-manager
To check if the install was successful, run:
Shell
kubectl get pods -n cert-manager
The output should look similar to below:
None
NAME                                                      READY   STATUS    RESTARTS   AGE
cert-manager-7f6864ff99-sqxhf                             1/1     Running   0          76s
cert-manager-cainjector-6595c6777-88x7g                   1/1     Running   0          76s
cert-manager-webhook-58fd9998b4-pc56t                     1/1     Running   0          76s
futurex-cert-manager-controller-manager-cdfdd7c6d-l4pld   1/1     Running   0          15s
10
Download and install K3s for the worker deviceObtain the server token on the server device:
Bash
sudo cat /var/lib/rancher/k3s/server/node-token
The output will look similar to below:
None
K101253e84a8417669086a787eb724d4e314298d49b1c9053861d1206f40e258015::server:5e10e3aa22035f74f69a7299a3a0137d
Obtain the server’s IP address. One of the ways to do so is shown below:
Bash
ip addr
Paste the server’s token and IP address in the following command on the worker device:
Bash
curl -sfL https://get.k3s.io | K3S_URL=https://<Server_IP>:6443 K3S_TOKEN=<Server_Token> sh -