You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Nov 1, 2022. It is now read-only.
Michael Bridgen edited this page Nov 25, 2019
·
2 revisions
Bootstrapping a cluster is one of the few places where understanding dependencies between resources is unavoidable. For example, it is usually necessary to have cert-manager available before starting webhooks; and certainly desirable for webhooks to be installed before creating any application resources.
Notes:
All Kubernetes webhooks are switching to cert-manager since it's the only controller that can automate the Kubernetes CA and certs needed at install time. With cert-manager you can deploy a webhook without generating certs locally and do the Kubernetes CA dance
cert-manager patches webhooks in cluster... I'm looking at how Gloo does it and Flux will undo it
on cluster bootstrap Flux will apply everything making (OPA) Gatekeeper useless