docs/doc/source/security/kubernetes/enable-use-of-cert-manager-acmesolver-image-in-a-particular-namespace.rst
Ron Stone 810927b055 Replace container tags
Replace hard coded tag values with substitutions

Signed-off-by: Ron Stone <ronald.stone@windriver.com>
Change-Id: I76aa5e8dc1870f5496b303f482a651d524fea3ce
2023-01-30 10:19:18 -05:00

Enable Use of cert-manager-acmesolver Image in a Particular Namespace

When an arbitrary user creates a certificate with an external CA, cert-manager dynamically creates the cert-manager-acmesolver pod and an ingress in the user-specified namespace to handle the http01 challenge from the external CA.

To pull the registry.local:9001:/public/cert-manager-acmesolver: image from the local registry, the credentials for the public repository must be stored in a secret in that user-specified namespace, and that secret must be referenced in the imagePullSecrets of the namespace's default serviceAccount.

  1. Execute the following commands, substituting your deployment-specific value for <USERNAMESPACE>.

    % kubectl get secret registry-local-public-key -n kube-system -o yaml | grep -v '^\s*namespace:\s'  | kubectl apply --namespace=<USERNAMESPACE> -f -
    
    % kubectl patch serviceaccount default  -p "{\"imagePullSecrets\": [{\"name\": \"registry-local-public-key\"}]}" -n <USERNAMESPACE>
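
A check that the two commands above took effect, as an added example that is not part of the original page: it confirms the copied secret exists in the namespace with a registry-credential type and that the default serviceAccount lists it under imagePullSecrets. The function name `check_acmesolver_pull` and its return codes are hypothetical; the secret name is the one used in the procedure.

```shell
#!/bin/sh
# Added example (not from the original page): verify that a namespace is
# ready to pull the cert-manager-acmesolver image from the local registry.
# SECRET is the name used in the procedure above; everything else is assumed.
SECRET=registry-local-public-key

check_acmesolver_pull() {
    ns=$1

    # Step 1 result: the secret must exist in the target namespace.
    stype=$(kubectl get secret "$SECRET" -n "$ns" \
        -o jsonpath='{.type}' 2>/dev/null) || {
        echo "FAIL: secret $SECRET not found in namespace $ns"
        return 1
    }

    # Only these two secret types are usable as image pull credentials.
    case $stype in
        kubernetes.io/dockerconfigjson|kubernetes.io/dockercfg) ;;
        *)  echo "FAIL: secret $SECRET has type '$stype'"
            return 2 ;;
    esac

    # Step 2 result: the default serviceAccount must reference the secret.
    refs=$(kubectl get serviceaccount default -n "$ns" \
        -o jsonpath='{.imagePullSecrets[*].name}' 2>/dev/null) || {
        echo "FAIL: cannot read serviceaccount default in $ns"
        return 3
    }
    for r in $refs; do
        if [ "$r" = "$SECRET" ]; then
            echo "OK: default serviceAccount in $ns references $SECRET"
            return 0
        fi
    done
    echo "FAIL: default serviceAccount in $ns does not reference $SECRET"
    return 4
}

# Run against a namespace when one is given on the command line.
if [ $# -gt 0 ]; then
    check_acmesolver_pull "$1"
fi
```

A non-zero result identifies which step to repeat: 1 or 2 points at the secret copy, 4 at the serviceAccount patch.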