Skip to content

Commit

Permalink
inject certificate for vcsim
Browse files Browse the repository at this point in the history 
Signed-off-by: Arik Hadas <[email protected]>
  • Loading branch information
@ahadas
ahadas committed Jan 24, 2024
1 parent b5cf04e commit 6bca908
Show file tree
Hide file tree
Showing 3 changed files with 29 additions and 0 deletions.
1 change: 1 addition & 0 deletions cluster/providers/vmware/setup.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ set -ex
[ -z "${NFS_SHARE}" ] && { echo "Provider cannot be installed - NFS_SHARE env required" ; return 2 ;}


kubectl apply -f ./cluster/providers/vmware/vcsim_certificate.yml
kubectl apply -f ./cluster/providers/vmware/vcsim_deployment.yml

while ! kubectl get deployment -n konveyor-forklift vcsim; do sleep 5; done
Expand Down
19 changes: 19 additions & 0 deletions cluster/providers/vmware/vcsim_certificate.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: vcsim-certificate
namespace: konveyor-forklift
spec:
isCA: true
dnsNames:
- vcsim.konveyor-forklift
commonName: vcsim-certificate
secretName: vcsim-certificate
privateKey:
algorithm: ECDSA
size: 256
issuerRef:
name: forklift-issuer
kind: Issuer
group: cert-manager.io
9 changes: 9 additions & 0 deletions cluster/providers/vmware/vcsim_deployment.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,9 +16,18 @@ spec:
spec:
containers:
- name: vcsim
command: ["/vcsim", "-l", "0.0.0.0:8989", "-tlscert", "/etc/secret/tls.crt", "-tlskey", "/etc/secret/tls.key"]
image: docker.io/vmware/vcsim:latest
ports:
- containerPort: 8989
volumeMounts:
- mountPath: /etc/secret
name: vcsim-certificate
volumes:
- name: vcsim-certificate
secret:
secretName: vcsim-certificate
defaultMode: 420
---
apiVersion: v1
kind: Service
Expand Down

0 comments on commit 6bca908

Please sign in to comment.