mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-16 12:40:43 +00:00
NK-23: Fixed readme and deployment script, deleted extra resource.
This commit is contained in:
parent
898652b9a2
commit
8c8c01a452
3 changed files with 36 additions and 13 deletions
31
README.md
31
README.md
|
@ -7,7 +7,7 @@ A Kubernetes native policy engine
|
||||||
|
|
||||||
## How it works
|
## How it works
|
||||||
|
|
||||||
# Installation
|
# Build
|
||||||
|
|
||||||
## Prerequisites
|
## Prerequisites
|
||||||
|
|
||||||
|
@ -17,6 +17,8 @@ Code generation for CRD controller depends on kubernetes/hack, so before use cod
|
||||||
|
|
||||||
`go get k8s.io/kubernetes/hack`
|
`go get k8s.io/kubernetes/hack`
|
||||||
|
|
||||||
|
We are using [dep](https://github.com/golang/dep)
|
||||||
|
|
||||||
## You can `go get`
|
## You can `go get`
|
||||||
|
|
||||||
Due to the repository privacy, you should to add SSH key to your github user to clone repository using `go get` command.
|
Due to the repository privacy, you should to add SSH key to your github user to clone repository using `go get` command.
|
||||||
|
@ -43,4 +45,29 @@ Navigate to kube-policy project dir and execute:
|
||||||
`dep ensure`
|
`dep ensure`
|
||||||
This will install necessary dependencies described in README.md
|
This will install necessary dependencies described in README.md
|
||||||
|
|
||||||
# Contributing
|
## Compiling
|
||||||
|
|
||||||
|
We are using code generator for custom resources objects from here: https://github.com/kubernetes/code-generator
|
||||||
|
Generate the additional controller code before compiling the project:
|
||||||
|
`scripts/update-codegen.sh`
|
||||||
|
|
||||||
|
Then you can build the controller:
|
||||||
|
`go build .`
|
||||||
|
|
||||||
|
# Installation
|
||||||
|
|
||||||
|
There are 2 possible ways to install and use the controller: for **development** and for **production**
|
||||||
|
|
||||||
|
# For development
|
||||||
|
|
||||||
|
_At the time of this writing, only this installation method worked_
|
||||||
|
|
||||||
|
1. Open your `~/.kube/config` file and copy the value of `certificate-authority-data` to the clipboard
|
||||||
|
2. Open `crd/MutatingWebhookConfiguration_local.yaml` and replace `${CA_BUNDLE}` with the contents of clipboard
|
||||||
|
3. Open `~/.kube/config` again and copy the ip of the `server` value, for example `192.168.10.117`
|
||||||
|
4. Run `scripts/deploy-controller.sh --service=localhost --serverIp=<server_IP>` where `<server_IP>` is a server from clipboard. This scripts will generate TLS certificate for webhook server and register this webhook in the cluster. Also it registers CustomResource `Policy`.
|
||||||
|
5. Start controller: `sudo kube-policy --cert=certs/server.crt --key=certs/server-key.pem --kubeconfig=~/.kube/config`
|
||||||
|
|
||||||
|
# For production
|
||||||
|
|
||||||
|
_To be implemented_
|
|
@ -37,7 +37,10 @@ if [ -z "${namespace}" ]; then # controller should be launched locally
|
||||||
kubectl delete -f crd/MutatingWebhookConfiguration_local.yaml
|
kubectl delete -f crd/MutatingWebhookConfiguration_local.yaml
|
||||||
kubectl create -f crd/MutatingWebhookConfiguration_local.yaml || exit 3
|
kubectl create -f crd/MutatingWebhookConfiguration_local.yaml || exit 3
|
||||||
|
|
||||||
echo -e "\n### You can build and run kube-policy project locally.\n### To check its work, run it with parameters -cert and -key, which contain generated TLS certificate and key (see their paths in log above)."
|
kubectl delete -f crd/crd.yaml
|
||||||
|
kubectl create -f crd/crd.yaml || exit 3
|
||||||
|
|
||||||
|
echo -e "\n### You can build and run kube-policy project locally.\n### To check its work, run it with parameters -cert, -key and -kubeconfig parameters (see paths of -cert and -key in the log above)."
|
||||||
|
|
||||||
else # controller should be launched within a cluster
|
else # controller should be launched within a cluster
|
||||||
|
|
||||||
|
@ -60,6 +63,9 @@ else # controller should be launched within a cluster
|
||||||
kubectl delete -f crd/MutatingWebhookConfiguration.yaml
|
kubectl delete -f crd/MutatingWebhookConfiguration.yaml
|
||||||
kubectl create -f crd/MutatingWebhookConfiguration.yaml || exit 3
|
kubectl create -f crd/MutatingWebhookConfiguration.yaml || exit 3
|
||||||
|
|
||||||
|
kubectl delete -f crd/crd.yaml
|
||||||
|
kubectl create -f crd/crd.yaml || exit 3
|
||||||
|
|
||||||
echo -e "\n### Controller is running in cluster.\n### You can use compile-image.sh to rebuild its image and then the current script to redeploy the controller.\n### Check its work by 'kubectl logs <controller_pod> command'"
|
echo -e "\n### Controller is running in cluster.\n### You can use compile-image.sh to rebuild its image and then the current script to redeploy the controller.\n### Check its work by 'kubectl logs <controller_pod> command'"
|
||||||
|
|
||||||
fi
|
fi
|
||||||
|
|
|
@ -1,10 +0,0 @@
|
||||||
apiVersion: v1
|
|
||||||
data:
|
|
||||||
properties:
|
|
||||||
arms=3
|
|
||||||
kind: ConfigMap
|
|
||||||
metadata:
|
|
||||||
name: test-configmap
|
|
||||||
labels:
|
|
||||||
label1: test1
|
|
||||||
label2: test2
|
|
Loading…
Add table
Reference in a new issue