Creating a Gocipher
Creating a Gocipher is only possible with a specific access right.
The creator of the Gocipher gains immediate rights to edit any of its characteristics.
When creating a Gocipher you have to:
- Name it
- Install it
- (option) Share it with teams or users
And then, the Gocipher may capture TLS secrets for your Whisperers.
A Gocipher does not require any specific configuration to work in Kubernetes.
As standalone you need to provide as configuration the targets that you want the Gocipher to watch.
This page is only about the first step.
Gocipher creation
Controller creation is done in the Gocipher list popin with the New Gocipher
button.
The new Gocipher details opens with default settings.
- The Gocipher is created with a random name (UUID).
- Users and teams sharing list are blank
- Key pair for installation is absent
Customize its identification
The first action is to:
- Adjust the name 😉
There is no uniqueness constraints on Gocipher name.
But it is best to have a meaningful name when selecting it later on!
Usually, the Gocipher matches to one Kubernetes cluster. But if you have many Controllers for security, you may need many Gociphers. In the first case, the best practice is to name it against the name of your cluster.
Only the owner of the Gocipher, or an administrator, may currently change its name.
That seemed enough, so I limited development. 😜