This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

Installation

Overview on available installation methods

clustersecret-operator introduces one custom resource type, clustersecrets.core.cs.sap.com, with kind ClusterSecret. The according definitions can be found here. This definition must be deployed before the executables provided by this repository can be started. The core of the clustersecret-operator installation are the controller and webhook executables built from this repository. Docker images are available here:

  • controller: ghcr.io/sap/clustersecret-operator/controller
  • webhook: ghcr.io/sap/clustersecret-operator/webhook

A complete deployment consists of:

  • the custom resource definition
  • the controller deployment
  • the webhook deployment
  • rbac objects for controller and webhook (service accounts, (cluster) roles, according (cluster) role bindings)
  • a service for the webhooks
  • webhook configurations.

Note that it is highly recommended to always activate the webhooks, as they are not only validating, but also adding essential defaulting logic. Running without this mutating functionality might lead to unexpected behavior.

The following deployment methods are available (recommended is Helm).

1 - Helm

Installation by Helm

Helm deployment

The recommended way to deploy clustersecret-operator is to use the Helm chart, also available in packaged form:

The chart does not require any mandatory parameters, so deploying clustersecret-operator is as easy as

helm repo add clustersecret-operator https://sap.github.io/clustersecret-operator-helm
helm -n clustersecret-operator upgrade -i clustersecret-operator clustersecret-operator/clustersecret-operator