Open ghost opened 5 years ago
You need to generate a new cert by using ./gen-certs.sh
in pki folder.
In addition to that, you need to base64 encode the pki/ca.pem
file generated above and replace the caBundle
field in kubernetes/validating-webhook-configuration.yaml
. I also recommend you change the failurePolicy
to Fail
for easier debugging.
I tried following the instructions to test admission webhooks, but with step testing-the-admission-webhook, nginx pod was created without the expected error
[The "" is invalid: : No matched signatures for container image: nginx:1.13]
.I further looked at the logs of
image-signature-webhook
pod and found the exception2019/01/24 16:17:26 http: TLS handshake error from 192.168.65.3:44394: remote error: tls: bad certificate
.I am trying on minikube instance.
kubectl version
- Arvind