Skip to content

Commit

Permalink
Add webhook configuration into all_in_one (openkruise#50)
Browse files Browse the repository at this point in the history 
* Add webhook configuration into all_in_one, disable leaderelection by default

* fix Makefile

* update image in all_in_one

* update image in all_in_one
  • Loading branch information
@FillZpp @jian-he
FillZpp authored and jian-he committed Jun 27, 2019
1 parent cd4ab9f commit 61d6e84
Show file tree
Hide file tree
Showing 18 changed files with 170 additions and 1,680 deletions.
1 change: 0 additions & 1 deletion Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,6 @@ deploy: manifests
# Generate manifests e.g. CRD, RBAC etc.
manifests:
go run vendor/sigs.k8s.io/controller-tools/cmd/controller-gen/main.go all
cp config/crds/*.yaml ./install/kruise/templates/

# Run go fmt against code
fmt:
Expand Down
19 changes: 12 additions & 7 deletions cmd/manager/main.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,9 +35,11 @@ import (

func main() {
var metricsAddr string
var enableLeaderElection bool
var leaderElectionNamespace string
var namespace string
flag.StringVar(&metricsAddr, "metrics-addr", ":8080", "The address the metric endpoint binds to.")
flag.BoolVar(&enableLeaderElection, "enable-leader-election", false, "Whether you need to enable leader election.")
flag.StringVar(&leaderElectionNamespace, "leader-election-namespace", "kruise-system",
"This determines the namespace in which the leader election configmap will be created, it will use in-cluster namespace if empty.")
flag.StringVar(&namespace, "namespace", "",
Expand All @@ -58,13 +60,16 @@ func main() {

// Create a new Cmd to provide shared dependencies and start components
log.Info("setting up manager")
mgr, err := manager.New(cfg, manager.Options{
MetricsBindAddress: metricsAddr,
LeaderElection: true,
LeaderElectionID: "kruise-manager",
LeaderElectionNamespace: leaderElectionNamespace,
Namespace: namespace,
})
managerOptions := manager.Options{
MetricsBindAddress: metricsAddr,
Namespace: namespace,
}
if enableLeaderElection {
managerOptions.LeaderElection = true
managerOptions.LeaderElectionID = "kruise-manager"
managerOptions.LeaderElectionNamespace = leaderElectionNamespace
}
mgr, err := manager.New(cfg, managerOptions)
if err != nil {
log.Error(err, "unable to set up overall controller manager")
os.Exit(1)
Expand Down
1 change: 0 additions & 1 deletion config/crds/apps_v1alpha1_statefulset.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -152,7 +152,6 @@ spec:
required:
- selector
- template
- serviceName
type: object
status:
properties:
Expand Down
1 change: 1 addition & 0 deletions config/default/kustomization.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ namePrefix: kruise-
resources:
- ../rbac/rbac_role.yaml
- ../rbac/rbac_role_binding.yaml
- ../manager/webhookconfiguration.yaml
- ../manager/manager.yaml
# Comment the following 3 lines if you want to disable
# the auth proxy (https://github.com/brancz/kube-rbac-proxy)
Expand Down
79 changes: 78 additions & 1 deletion config/manager/all_in_one.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -166,6 +166,83 @@ rules:
- patch
- delete
---
apiVersion: admissionregistration.k8s.io/v1beta1
kind: MutatingWebhookConfiguration
metadata:
name: kruise-mutating-webhook-configuration
---
apiVersion: admissionregistration.k8s.io/v1beta1
kind: ValidatingWebhookConfiguration
metadata:
name: kruise-validating-webhook-configuration
webhooks:
- clientConfig:
service:
name: kruise-webhook-server-service
namespace: kruise-system
path: /validating-create-update-broadcastjob
failurePolicy: Fail
name: validating-create-update-broadcastjob.kruise.io
namespaceSelector:
matchExpressions:
- key: control-plane
operator: DoesNotExist
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- broadcastjobs
sideEffects: Unknown
- clientConfig:
service:
name: kruise-webhook-server-service
namespace: kruise-system
path: /validating-create-update-sidecarset
failurePolicy: Fail
name: validating-create-update-sidecarset.kruise.io
namespaceSelector:
matchExpressions:
- key: control-plane
operator: DoesNotExist
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- sidecarsets
sideEffects: Unknown
- clientConfig:
service:
name: kruise-webhook-server-service
namespace: kruise-system
path: /validating-create-update-statefulset
failurePolicy: Fail
name: validating-create-update-statefulset.kruise.io
namespaceSelector:
matchExpressions:
- key: control-plane
operator: DoesNotExist
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- statefulsets
sideEffects: Unknown
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
Expand Down Expand Up @@ -233,7 +310,7 @@ spec:
fieldPath: metadata.namespace
- name: SECRET_NAME
value: kruise-webhook-server-secret
image: registry.cn-beijing.aliyuncs.com/workshopdem/kruise-manager:daily
image: openkruise/kruise-manager:daily
imagePullPolicy: Always
name: manager
ports:
Expand Down
9 changes: 2 additions & 7 deletions config/manager/manager.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,24 +22,19 @@ spec:
- port: 443
---
apiVersion: apps/v1
kind: Deployment
kind: StatefulSet
metadata:
name: controller-manager
namespace: system
labels:
control-plane: controller-manager
controller-tools.k8s.io: "1.0"
spec:
replicas: 3
replicas: 1
selector:
matchLabels:
control-plane: controller-manager
controller-tools.k8s.io: "1.0"
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 100%
type: RollingUpdate
template:
metadata:
labels:
Expand Down
76 changes: 76 additions & 0 deletions config/manager/webhookconfiguration.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,76 @@
apiVersion: admissionregistration.k8s.io/v1beta1
kind: MutatingWebhookConfiguration
metadata:
name: kruise-mutating-webhook-configuration
---
apiVersion: admissionregistration.k8s.io/v1beta1
kind: ValidatingWebhookConfiguration
metadata:
name: kruise-validating-webhook-configuration
webhooks:
- clientConfig:
service:
name: kruise-webhook-server-service
namespace: kruise-system
path: /validating-create-update-broadcastjob
failurePolicy: Fail
name: validating-create-update-broadcastjob.kruise.io
namespaceSelector:
matchExpressions:
- key: control-plane
operator: DoesNotExist
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- broadcastjobs
sideEffects: Unknown
- clientConfig:
service:
name: kruise-webhook-server-service
namespace: kruise-system
path: /validating-create-update-sidecarset
failurePolicy: Fail
name: validating-create-update-sidecarset.kruise.io
namespaceSelector:
matchExpressions:
- key: control-plane
operator: DoesNotExist
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- sidecarsets
sideEffects: Unknown
- clientConfig:
service:
name: kruise-webhook-server-service
namespace: kruise-system
path: /validating-create-update-statefulset
failurePolicy: Fail
name: validating-create-update-statefulset.kruise.io
namespaceSelector:
matchExpressions:
- key: control-plane
operator: DoesNotExist
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- statefulsets
sideEffects: Unknown
13 changes: 0 additions & 13 deletions install/kruise/Chart.yaml
View file

This file was deleted.

14 changes: 0 additions & 14 deletions install/kruise/README.md
View file

This file was deleted.

Loading

0 comments on commit 61d6e84

Please sign in to comment.