-
Notifications
You must be signed in to change notification settings - Fork 1.4k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #3037 from multani/improve-doc
📖 Improve rendering of the documentation
- Loading branch information
Showing
21 changed files
with
163 additions
and
140 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,24 +1,29 @@ | ||
# Deploying the cert manager | ||
# Deploying cert-manager | ||
|
||
We suggest using [cert manager](https://github.com/jetstack/cert-manager) for | ||
We suggest using [cert-manager](https://github.com/jetstack/cert-manager) for | ||
provisioning the certificates for the webhook server. Other solutions should | ||
also work as long as they put the certificates in the desired location. | ||
|
||
You can follow | ||
[the cert manager documentation](https://cert-manager.io/docs/installation/) | ||
[the cert-manager documentation](https://cert-manager.io/docs/installation/) | ||
to install it. | ||
|
||
Cert manager also has a component called CA injector, which is responsible for | ||
injecting the CA bundle into the Mutating|ValidatingWebhookConfiguration. | ||
cert-manager also has a component called [CA | ||
Injector](https://cert-manager.io/docs/concepts/ca-injector/), which is responsible for | ||
injecting the CA bundle into the [`MutatingWebhookConfiguration`](https://pkg.go.dev/k8s.io/api/admissionregistration/v1#MutatingWebhookConfiguration) | ||
/ [`ValidatingWebhookConfiguration`](https://pkg.go.dev/k8s.io/api/admissionregistration/v1#ValidatingWebhookConfiguration). | ||
|
||
To accomplish that, you need to use an annotation with key | ||
`cert-manager.io/inject-ca-from` | ||
in the Mutating|ValidatingWebhookConfiguration objects. | ||
The value of the annotation should point to an existing certificate CR instance | ||
in the [`MutatingWebhookConfiguration`](https://pkg.go.dev/k8s.io/api/admissionregistration/v1#MutatingWebhookConfiguration) | ||
/ [`ValidatingWebhookConfiguration`](https://pkg.go.dev/k8s.io/api/admissionregistration/v1#ValidatingWebhookConfiguration) objects. | ||
The value of the annotation should point to an existing [certificate request instance](https://cert-manager.io/docs/concepts/certificaterequest/) | ||
in the format of `<certificate-namespace>/<certificate-name>`. | ||
|
||
This is the [kustomize](https://github.com/kubernetes-sigs/kustomize) patch we | ||
used for annotating the Mutating|ValidatingWebhookConfiguration objects. | ||
used for annotating the [`MutatingWebhookConfiguration`](https://pkg.go.dev/k8s.io/api/admissionregistration/v1#MutatingWebhookConfiguration) | ||
/ [`ValidatingWebhookConfiguration`](https://pkg.go.dev/k8s.io/api/admissionregistration/v1#ValidatingWebhookConfiguration) objects. | ||
|
||
```yaml | ||
{{#include ./testdata/project/config/default/webhookcainjection_patch.yaml}} | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.