spire icon indicating copy to clipboard operation
spire copied to clipboard

Published 20 hours ago verified publisher icon spiffe

Provide installation steps for the k8s-workload-registrar (+ webhook example in quick start)

Open Dentrax opened this issue 3 years ago • 4 comments

It had better to provide some quick start navigation the README.md. We had to find the mode-crd folder, which is a bit hard to figure it out at the beginning.

Furthermore, we can add webhook example in the spire-tutorials/k8s/quickstart.

What do you think?

@developer-guy

Dentrax avatar Dec 14 '21 21:12 Dentrax

It had better to provide some quick start navigation the README.md. We had to find the mode-crd folder, which is a bit hard to figure it out at the beginning.

We have some links to the quickstarts on the website currently, but the k8s quickstart doesn't use the registrar 🤔 @sanderson042 I thought I recall someone working on adding that?

We should really just have one quickstart for k8s 😬

Furthermore, we can add webhook example in the spire-tutorials/k8s/quickstart.

We've been discouraging folks from using webhook mode for some time now. CRD mode is the one we recommend, and the whole mode situation in general is a legacy soup that we're trying to clean up. Please have a look at the new spire-controller-manager ... it's still very early but we'd love your feedback

https://github.com/spiffe/spire-controller-manager

evan2645 avatar Jan 03 '22 19:01 evan2645

Thanks for the clarification @evan2645! I didn't notice spire-controller-manager. Definitely look into it!

To summarize up, how should we proceed here? Should we write some documentation about the webhook and contoller-manager to clarify the installation process?

Dentrax avatar Jan 10 '22 11:01 Dentrax

Hi all,

Evan, I think you are referring to the PR below from @lucianozablocki . The last I remember, you had a phone call with him and he agreed to make some changes based on that conversation. I don't think the doc is intended as a standalone k8s tutorial but rather as a complement to the existing k8s tutorial (but it sounds like that is what is needed...). I've pinged him and will let you know if he's still working on it.

PR: https://github.com/spiffe/spire-tutorials/pull/59

Doc for PR: https://github.com/spiffe/spire-tutorials/blob/76a63685beac1e7f48ad3b2ee40374f206bab34c/k8s/k8s-workload-registrar/README.md

sanderson042 avatar Jan 10 '22 19:01 sanderson042

Update: Luciano is on vacation now but hopes to resume work on the k8s workload registrar tutorial after his vacation.

sanderson042 avatar Jan 10 '22 20:01 sanderson042

Closing this since k8s-workload-registrar is now deprecated.

rturner3 avatar May 15 '23 19:05 rturner3