To bootstrap (per the cert-manager getting started guide):
-
Have access to the GKE cluster
aaa. -
First time install, someone with
cluster-adminpermissions needs to setup the followingclusterrolebinding:
kubectl create clusterrolebinding cluster-admin-binding --clusterrole=cluster-admin --user=$(gcloud config get-value core/account)- From the
apps/cert-managerdirectory run:
./deploy.shThis will set up cluster-wide webhooks and issuers, you can subsequently create
Certificate resources in other namespaces without repeating these steps.