Open Source

Supercharging Kubernetes with Jetstack Open Source

Enhancing the experience a tool at a time



Cert-Manager is a powerful, general-purpose certificate management controller for Kubernetes. It will obtain certificates, from a variety of Issuers, and ensure these are valid and up-to-date, attempting to renew certificates at a configured time before expiry.

A major use-case is the automated issuance and renewal of Let’s Encrypt certificates for Ingress, as a drop-in replacement for Kube-Lego. However, there are also additional Issuers, including a simple signing keypair, with more in development.



Kube-OIDC-Proxy is a Kubernetes-based reverse proxy that handles authenticating HTTP requests using OpenID Connect. This project can be used to bring OIDC authentication where OIDC is unavailable, such as managed Kubernetes services, or to lock down unauthenticated endpoints with OIDC access.

Tarmak Logo


Tarmak and its underlying components are the product of Jetstack’s extensive experience working with customers to build and deploy Kubernetes in production at scale. Tarmak is an open source toolkit for Kubernetes cluster lifecycle management, built to be cloud-provider agnostic and gives consistent and reliable cluster deployment and management.



Kube-Lego is an open source project, started by Jetstack, for automating Let’s Encrypt TLS-enabled web services running in Kubernetes. Kube-Lego automates the process in Kubernetes by watching ingress resources and automatically requesting missing or expired TLS certificates from Let’s Encrypt.

  • Negotiates with an ACME server to obtain certificates for Ingress
  • Performs domain validations via ACME HTTP-01
  • Automates renewal process

Get started with Jetstack

Enquire about Subscription

Contact us