profile
viewpoint
If you are wondering where the data of this site comes from, please visit https://api.github.com/users/christopherhein/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.
Christopher Hein christopherhein San Jose https://hein.dev Engineer | Dev Advocate | Kubernetes | CNCF Ambassador (CNA) | Certified Kubernetes Administrator (CKA) | Certified Kubernetes Application Developer (CKAD)

awsctrl/manager 16

Production grade Kubernetes controller for managing AWS Services using CRDs

christopherhein/backbone-rails 4

Easily use backbone.js with rails 3.1

christopherhein/aws-container-migration-workshop 3

AWS Container Migration Workshop

christopherhein/add-this 1

add this ruby wrapper.

christopherhein/amazon-ecs-interstella-workshop 1

Amazon ECS Interstella Workshops CON209/318/319/407

christopherhein/Animation-AS3-Libraries 1

Particle System AS3 Library, Progress Bar Library, and a 3d Plane Library

christopherhein/async-rails 1

async Rails 3 stack demo

christopherhein/aws-service-operator 1

AWS Service Operator allows you to create AWS resources using kubectl.

christopherhein/a-website 0

AWS Controller website and documentation

christopherhein/ace-rails-ap 0

The Ajax.org Cloud9 Editor (Ace) for the Rails 3.1 asset pipeline.

push eventkubernetes-sigs/cluster-api-provider-nested

Charles Zheng

commit sha 61794f1e944f62e96910c97591903e8389c382ac

use self-signed certificate for the virtualcluster webhook server

view details

Kubernetes Prow Robot

commit sha d7e67fda1626f07c9564388c3e5b23d0ad259d55

Merge pull request #145 from charleszheng44/bug/issue/125 🐛 use self-signed certificate for the virtualcluster webhook server

view details

push time in 2 hours

PR merged kubernetes-sigs/cluster-api-provider-nested

Reviewers
🐛 use self-signed certificate for the virtualcluster webhook server approved cncf-cla: yes lgtm size/L

<!-- please add a icon to the title of this PR (see https://sigs.k8s.io/cluster-api/VERSIONING.md), and delete this line and similar ones --> <!-- the icon will be either ⚠️ (:warning:, major or breaking changes), ✨ (:sparkles:, feature additions), 🐛 (:bug:, patch and bugfixes), 📖 (:book:, documentation or proposals), or 🌱 (:seedling:, minor or other) -->

What this PR does / why we need it:

Use a self-signed certificate for the virtual cluster webhook. See issue #125 for more details.

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged): fixes #125

+101 -220

6 comments

2 changed files

charleszheng44

pr closed time in 2 hours

issue closedkubernetes-sigs/cluster-api-provider-nested

🐛 Webhook caBundle issues for Virtual Cluster

Not dig in too much to the code, but in my env, the webhook for VirtualCluster not work. I get this when I try to create VirtualCluster:

Error from server (InternalError): error when creating "virtualcluster_1_nodeport.yaml": Internal error occurred: failed calling webhook "virtualcluster.validating.webhook": Post "https://virtualcluster-webhook-service.vc-manager.svc:9443/validate-tenancy-x-k8s-io-v1alpha1-virtualcluster?timeout=30s": x509: certificate signed by unknown authority

Then i check the ValidatingWebhookConfiguration and there is no caBundle at all in virtualcluster-validating-webhook-configuration.

After I modify the virtualcluster-validating-webhook-configuration and set the caBundle with the cluster's CA, everything works as exppected.

Seems we do not set the caBundle, am i missing something?

closed time in 2 hours

vincent-pli

pull request commentkubernetes-sigs/cluster-api-provider-nested

🐛 use self-signed certificate for the virtualcluster webhook server

@christopherhein I prefer using cert-manager to manage all certifications. But do you think it would be an overkill to deploy cert-manager to just manage the certification for the webhook server. Or we can use the cert-manager to manage all certifications for VC control plane components. However, I think we will use the CAPN to replace the VC native mode, and maybe we should import the cert-manager by then? We can use the cert-manager to manage certifications for all components (i.e., CAPN control plane components and VC webhook servers).

charleszheng44

comment created time in 2 hours

release hoverinc/gha-yarn-cache

v2.1.0

released time in 3 hours

pull request commentkubernetes-sigs/cluster-api-provider-nested

🐛 use self-signed certificate for the virtualcluster webhook server

@vincent-pli The VC should be able to run on Kind after this PR is merged.

@christopherhein @Fei-Guo

charleszheng44

comment created time in 3 hours

pull request commentkubernetes-sigs/cluster-api-provider-nested

🐛 use self-signed certificate for the virtualcluster webhook server

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: <a href="https://github.com/kubernetes-sigs/cluster-api-provider-nested/pull/145#" title="Author self-approved">charleszheng44</a>

The full list of commands accepted by this bot can be found here.

The pull request process is described here

<details > Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment Approvers can cancel approval by writing /approve cancel in a comment </details> <!-- META={"approvers":[]} -->

charleszheng44

comment created time in 3 hours

PR opened kubernetes-sigs/cluster-api-provider-nested

🐛 use self-signed certificate for the virtualcluster webhook server

<!-- please add a icon to the title of this PR (see https://sigs.k8s.io/cluster-api/VERSIONING.md), and delete this line and similar ones --> <!-- the icon will be either ⚠️ (:warning:, major or breaking changes), ✨ (:sparkles:, feature additions), 🐛 (:bug:, patch and bugfixes), 📖 (:book:, documentation or proposals), or 🌱 (:seedling:, minor or other) -->

What this PR does / why we need it:

Use a self-signed certificate for the virtual cluster webhook. See issue #125 for more details.

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged): fixes #125

+101 -220

0 comment

2 changed files

pr created time in 3 hours

fork micahhausler/hegel

The gRPC/http metadata service for Tinkerbell.

https://tinkerbell.org

fork in 4 hours

issue commentkubernetes-sigs/cluster-api-provider-nested

✨ [VC] Support Staging Releases for VC code base

@christopherhein Want to confirm with you that: the target here is to:

Whenever there is code merge in virtualcluster, the image build should also trigger from CAPN by make release?

Because you said: this will be handled in the make release changes. But what if there is no release at the time when the code changes happened in virutalcluster? Should we also handle this for staging release?

And btw, I did not find any steps for prod images pushing. The release tag just updates the manifests. Did I miss anything?

christopherhein

comment created time in 12 hours

fork stefanprodan/flux2-kustomize-helm-example

A GitOps workflow example for multi-env deployments with Flux, Kustomize and Helm.

https://toolkit.fluxcd.io

fork in 14 hours

startedFreeRDP/FreeRDP

started time in a day

startedbenjcal/zltt

started time in a day

created repositorytodogroup/artwork

TODO and OSPO Artwork

created time in a day

startedkonveyor/tackle

started time in a day

release mhausenblas/mkdocs-deploy-gh-pages

1.20

released time in a day

startedgoogle/oss-vulnerability-guide

started time in 2 days

startedskooner-k8s/skooner

started time in 2 days

startedCall-for-Code-for-Racial-Justice/Open-Sentencing

started time in 2 days

startedkubesphere/kubesphere

started time in 2 days

startedcue-sh/unity

started time in 2 days

issue commentkubernetes-sigs/cluster-api-provider-nested

📖 Update docs/README.md with virtualcluster flavor

@christopherhein OK. Thanks for the info. It seems there are couples of items should be achived before this one. I will have my eye on this.

christopherhein

comment created time in 2 days

starteddolthub/dolt

started time in 2 days

fork Jeffwan/agones

Dedicated Game Server Hosting and Scaling for Multiplayer Games on Kubernetes

https://agones.dev

fork in 3 days

fork pahud/docker-magento2

Docker image for Magento 2

fork in 3 days

startedyogeshkk/K8sPurger

started time in 3 days

startedardanlabs/gotraining

started time in 3 days

push eventkubernetes-sigs/cluster-api-provider-nested

Chris Hein

commit sha 113a4db53b4090f80bb2ca22d1c687ddf45fc21e

adding back original all_in_one.yaml for VC Signed-off-by: Chris Hein <me@chrishein.com>

view details

Kubernetes Prow Robot

commit sha 98db46250e824116cd68ae59f243596e494f222d

Merge pull request #144 from christopherhein/all-in-one 🐛 Adding back original all_in_one.yaml for VC

view details

push time in 3 days