I am currently stuck setting up Kubermatic Kubernetes Platform due to not having signed certificates and not being able to connect LetsEncyrpt (internal rules ). I am already working on that but with COVID everything is moving very very slow (Not that it was fast before the crisis but this is next level ). Is it possible to setup Kubermatic in an “insecure” Demo Mode?
I’d suggest to use DNS challenge of cert-manager if it’s not possible to receive direct HTTP calls from the outside world.
Another alternative is to use self-signed certificates (the cert-manager can issue those) and then spreading the CA via the
spec.auth.caBundle flag in the KubermaticConfiguration. This enables the Kubermatic API to talk with Dex using a custom certificate.
HTTPS is always mandatory, it’s not possible to reconfigure the Kubermatic stack to use plaintext HTTP.