chainctl clusters install
chainctl clusters install
Install Chainguard into the current kubernetes context.
chainctl clusters install [--name NAME] [--description DESCRIPTION] [--parent ORGANIZATION_NAME|ORGANIZATION_NAME_ID|FOLDER_NAME|FOLDER_ID | --invite-code INVITE_CODE | --skip-invite | --cluster=CLUSTER_NAME | --private]
Examples
# Install or Update the chainguard agent on a cluster.
chainctl cluster install --skip-invite
# Install or Update the chainguard agent on a cluster with private API endpoint
chainctl cluster install --private
# Install the Chainguard agent with an explicit invite code.
chainctl cluster install --invite-code=INVITE_CODE
# Install the Chainguard agent using a temporary invite code under the organization
# with ID "ORG_ID".
chainctl cluster install --parent=ORG_ID
# Install the Chainguard agent enabling a fail open policy mode.
chainctl cluster install --opt=webhook_fail_open=true
# Install the Chainguard agent using a temporary invite code under a location
# determined via an interactive prompt.
chainctl cluster install
Options
--context string Indicates the name of the context (in kubectl) to be connect to Chainguard.
-d, --description string The description of the resource.
--gcp-serviceaccount-file string The path to a GCP service account JSON key file.
-h, --help help for install
--invite-code string An invite code to use for joining this cluster into the IAM hierarchy.
-n, --name string Given name of the resource.
--opt strings extra key=value pairs to define enforcer profile options
--parent string The location under which to create a temporary invite code and install the cluster.
--private Kubernetes API endpoint isn't publicly accessible.
--profiles stringArray The names of Chainguard profiles to install into the cluster.
--skip-invite When specified we perform installation without an invite code.
Options inherited from parent commands
--api string The url of the Chainguard platform API. (default "https://console-api.enforce.dev")
--audience string The Chainguard token audience to request. (default "https://console-api.enforce.dev")
--config string A specific chainctl config file. Uses CHAINCTL_CONFIG environment variable if a file is not passed explicitly.
--console string The url of the Chainguard platform Console. (default "https://console.enforce.dev")
--issuer string The url of the Chainguard STS endpoint. (default "https://issuer.enforce.dev")
-o, --output string Output format. One of: ["", "json", "id", "table", "terse", "tree", "wide"]
-v, --v int Set the log verbosity level.
SEE ALSO
- chainctl clusters - Cluster related commands for the Chainguard platform.
Last updated: 2024-03-20 19:45