podpreset-webhook

Implementation of the now deprecated Kubernetes PodPreset feature as an Admission Webhook.
Overview
Kubernetes features the ability to inject certain information into pods at creation time, including secrets, volumes, volume mounts, and environment variables. Admission Webhooks are implemented as a web server that receives requests from the Kubernetes API. A CustomResourceDefinition (CRD) called PodPreset in the redhatcop.redhat.io API group has an identical specification to the upstream API resource.
The following is an example of a PodPreset that injects an environment variable called FOO into pods with the label role: frontend:
apiVersion: redhatcop.redhat.io/v1alpha1
kind: PodPreset
metadata:
  name: frontend
spec:
  env:
  - name: FOO
    value: bar
  selector:
    matchLabels:
      role: frontend
The goal is to be fully compatible with the existing Kubernetes resource.
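To make the mutation described in the overview concrete, the following added example (written for this page, not the project's own code) computes the JSONPatch an admission webhook could return for the frontend PodPreset above. The names EnvVar, PatchOp and BuildPatch are hypothetical, only matchLabels and env are handled, and skipping names the pod already sets is an assumption of this example.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// EnvVar is a stand-in for the core/v1 type (only the fields used here).
type EnvVar struct {
	Name  string `json:"name"`
	Value string `json:"value,omitempty"`
}
// PatchOp is one RFC 6902 JSONPatch operation.
type PatchOp map[string]interface{}

// BuildPatch returns the ops that add env to each container of a pod whose
// labels satisfy matchLabels. containers[i] is the env list container i already has.
func BuildPatch(labels, matchLabels map[string]string, containers [][]EnvVar, env []EnvVar) []PatchOp {
	for k, v := range matchLabels {
		if got, ok := labels[k]; !ok || got != v {
			return nil // selector does not match: pod is admitted unchanged
		}
	}
	var ops []PatchOp
	for i, existing := range containers {
		have := map[string]bool{}
		for _, e := range existing {
			have[e.Name] = true
		}
		path := fmt.Sprintf("/spec/containers/%d/env", i)
		created := len(existing) > 0
		for _, e := range env {
			switch {
			case have[e.Name]: // assumption: never override a name the pod already sets
			case created:
				ops = append(ops, PatchOp{"op": "add", "path": path + "/-", "value": e})
			default: // env list absent: create it with the first entry
				ops = append(ops, PatchOp{"op": "add", "path": path, "value": []EnvVar{e}})
				created = true
			}
		}
	}
	return ops
}

func main() {
	sel := map[string]string{"role": "frontend"} // constructed sample labels and selector
	out, _ := json.Marshal(BuildPatch(sel, sel, [][]EnvVar{nil}, []EnvVar{{"FOO", "bar"}}))
	fmt.Println(string(out))
}
```

Because the label selector alone decides which pods are mutated, permission to create PodPresets and permission to set the matching label on workloads deserve the same RBAC review.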
Installation
The following sections describe the methods by which the solution can be deployed:
Basic Deployment
Prerequisites
cert-manager is required to be deployed and available to generate and manage certificates needed by the webhook. Use any of the supported installation methods available.
Deployment
Execute the following command, which deploys the webhook to a namespace called podpreset-webhook:
make deploy IMG=quay.io/redhat-cop/podpreset-webhook:latest
Example Implementation
Use the following steps to demonstrate the functionality of PodPresets in a cluster.
- Deploy any applications (as a DeploymentConfig or Deployment)
- Create the PodPreset
kubectl apply -f config/samples/redhatcop_v1alpha1_podpreset.yaml
- Label the resource
kubectl patch deployment/<name> -p '{"spec":{"template":{"metadata":{"labels":{"role":"frontend"}}}}}'
- Verify any new pods have the environment variable FOO=bar
Development
Building/Pushing the operator image
export repo=redhatcopuser #replace with yours
docker login quay.io/$repo/podpreset-webhook
make docker-build IMG=quay.io/$repo/podpreset-webhook:latest
make docker-push IMG=quay.io/$repo/podpreset-webhook:latest
Deploy to OLM via bundle
make manifests
make bundle IMG=quay.io/$repo/podpreset-webhook:latest
operator-sdk bundle validate ./bundle --select-optional name=operatorhub
make bundle-build BUNDLE_IMG=quay.io/$repo/podpreset-webhook-bundle:latest
docker login quay.io/$repo/podpreset-webhook-bundle
docker push quay.io/$repo/podpreset-webhook-bundle:latest
operator-sdk bundle validate quay.io/$repo/podpreset-webhook-bundle:latest --select-optional name=operatorhub
oc new-project podpreset-webhook
operator-sdk cleanup podpreset-webhook -n podpreset-webhook
operator-sdk run bundle -n podpreset-webhook quay.io/$repo/podpreset-webhook-bundle:latest
Cleaning up
operator-sdk cleanup podpreset-webhook -n podpreset-webhook
oc delete operatorgroup operator-sdk-og
oc delete catalogsource podpreset-webhook-catalog