Skip to content

A Kubernetes mutating webhook server that implements sidecar injection

License

Notifications You must be signed in to change notification settings

PGDream/admission-webhook-example

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

29 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Kubernetes Admission Webhook example

This tutoral shows how to build and deploy an AdmissionWebhook.

The Kubernetes documentation contains a common set of recommended labels that allows tools to work interoperably, describing objects in a common manner that all tools can understand. In addition to supporting tooling, the recommended labels describe applications in a way that can be queried. In our validating webhook example we make these labels required on deployments and services, so this webhook rejects every deployment and every service that doesn’t have these labels set. The mutating webhook in the example adds all the missing required labels with not_available set as the value.

Prerequisites

Kubernetes 1.9.0 or above with the admissionregistration.k8s.io/v1beta1 API enabled. Verify that by the following command:

kubectl api-versions | grep admissionregistration.k8s.io/v1beta1

The result should be:

admissionregistration.k8s.io/v1beta1

In addition, the MutatingAdmissionWebhook and ValidatingAdmissionWebhook admission controllers should be added and listed in the correct order in the admission-control flag of kube-apiserver.

Build

Build and push docker image

./build

How does it work?

We have a blog post that explains webhooks in depth with the help of this example. Check it out!

About

A Kubernetes mutating webhook server that implements sidecar injection

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Go 71.9%
  • Shell 27.4%
  • Dockerfile 0.7%