Articles in this section

Install Deepfactor Mutating Webhook Follow

Avatar
DeepFactor Support
  • Updated
 

 

Introduction

This document provides step by step guide to installing Deepfactor Mutating Admission Controller Webhook via helm charts.
 

Generate Certificate for Deepfactor Admission webhook

Generate the certificate for webhook this with the following command:

rm -rf webhook-certs
export HELM_RELEASE_NAME=df-webhook-stable
export HELM_RELEASE_NAMESPACE=df-webhook
bash -c "$(curl -L https://static.deepfactor.io/scripts/public/df-webhook/cert-gen/certgen.sh)"

On successful completion, you will find the following three files under the certs directory.

  • ca.crt
  • tls.crt
  • tls.key
 

Add Deepfactor Helm

 
RepositoryAdd Deepfactor Helm Repository using the commands below. If you do not have helm installed, please click here.
helm repo add deepfactor https://static.deepfactor.io/helm-charts
helm repo update
helm show values deepfactor/webhook \
| grep -A100 -e 'webhookconfig:' | tee webhook-override.yaml
 
You will need to enter the Deepfactor run token in the webhookconfig section of the webhook-override.yaml. You can get this token from the Deepfactor portal UI.

Create webhook-override.yaml

 
Create webhook-override.yaml or specify the config via CLI parameters for helm installation. Following is a sample webhook-override.yaml for the webhook. For detailed description pls refer to How To Configure Deepfactor Webhook Mutation Config
 
webhookconfig:
  # Possible values are: namespace, podspec
  # appNameSource: "namespace"
  # httpProxy: ""
  # httpsProxy: ""
  dfRunToken: "ey..."
  namespaces:
  - name: "df1"
    appName: "bmc-demo"
    componentNameSource: "ImageAndTag"
    componentVersionSource: "ImageID"
 
Example helm CLI alternative:
--set webhookconfig.dfRunToken=$(cat ~/df-run-token.jwt) \
--set webhookconfig.namespaces[0].name="df1"

 

Install Deepfactor Mutating Admission Webhook

Now that you have set up your webhook-override.yaml, install the Deepfactor webhook using the command below:
helm upgrade --install $HELM_RELEASE_NAME -n $HELM_RELEASE_NAMESPACE deepfactor/webhook \
--set-file=webhook.ca.crt=webhook-certs/ca.crt \
--set-file=webhook.tls.crt=webhook-certs/tls.crt \
--set-file=webhook.tls.key=webhook-certs/tls.key \
--create-namespace -f webhook-override.yaml
 

Update Deepfactor Webhook

The certificate need not be generated during the upgrade but if it is changed and is provided, it will be updated. You may follow the instructions provided above to generate certificates.

helm upgrade --install df-webhook-stable -n df-webhook deepfactor/webhook --reuse-values -f webhook-override.yaml
 

Uninstall Deepfactor Webhook

helm uninstall df-webhook-stable -n df-webhook
 
 

 
 

Related articles

Comments

0 comments

Please sign in to leave a comment.