From 916cd530f6b4c992d16f571933fe128ed299453b Mon Sep 17 00:00:00 2001 From: rajat-0 Date: Wed, 30 Jan 2019 00:29:11 +0000 Subject: [PATCH] Allow vpa-admission-controler to installl on specific path --- .../pkg/admission-controller/config.go | 18 ++++++++++-------- .../pkg/admission-controller/main.go | 11 ++++++++--- 2 files changed, 18 insertions(+), 11 deletions(-) diff --git a/vertical-pod-autoscaler/pkg/admission-controller/config.go b/vertical-pod-autoscaler/pkg/admission-controller/config.go index c1f88ae5d70..c831078b1c3 100644 --- a/vertical-pod-autoscaler/pkg/admission-controller/config.go +++ b/vertical-pod-autoscaler/pkg/admission-controller/config.go @@ -82,7 +82,7 @@ func configTLS(clientset *kubernetes.Clientset, serverCert, serverKey []byte) *t // register this webhook admission controller with the kube-apiserver // by creating MutatingWebhookConfiguration. -func selfRegistration(clientset *kubernetes.Clientset, caCert []byte, namespace *string) { +func selfRegistration(clientset *kubernetes.Clientset, caCert []byte, namespace *string, url string, registerByURL bool) { time.Sleep(10 * time.Second) client := clientset.AdmissionregistrationV1beta1().MutatingWebhookConfigurations() _, err := client.Get(webhookConfigName, metav1.GetOptions{}) @@ -91,6 +91,14 @@ func selfRegistration(clientset *kubernetes.Clientset, caCert []byte, namespace glog.Fatal(err2) } } + RegisterClientConfig := v1beta1.WebhookClientConfig{} + if !registerByURL { + RegisterClientConfig.Service.Name = *namespace + RegisterClientConfig.Service.Name = "vpa-webhook" + } else { + RegisterClientConfig.URL = url + } + RegisterClientConfig.CABundle = caCert webhookConfig := &v1beta1.MutatingWebhookConfiguration{ ObjectMeta: metav1.ObjectMeta{ Name: webhookConfigName, @@ -115,13 +123,7 @@ func selfRegistration(clientset *kubernetes.Clientset, caCert []byte, namespace Resources: []string{"verticalpodautoscalers"}, }, }}, - ClientConfig: v1beta1.WebhookClientConfig{ - Service: &v1beta1.ServiceReference{ - Namespace: *namespace, - Name: "vpa-webhook", - }, - CABundle: caCert, - }, + ClientConfig: RegisterClientConfig, }, }, } diff --git a/vertical-pod-autoscaler/pkg/admission-controller/main.go b/vertical-pod-autoscaler/pkg/admission-controller/main.go index d244cf60edf..1f01fca1626 100644 --- a/vertical-pod-autoscaler/pkg/admission-controller/main.go +++ b/vertical-pod-autoscaler/pkg/admission-controller/main.go @@ -18,6 +18,7 @@ package main import ( "flag" + "fmt" "net/http" "os" "time" @@ -41,8 +42,11 @@ var ( tlsPrivateKey: flag.String("tls-private-key", "/etc/tls-certs/serverKey.pem", "Path to server certificate key PEM file."), } - address = flag.String("address", ":8944", "The address to expose Prometheus metrics.") - namespace = os.Getenv("NAMESPACE") + address = flag.String("address", ":8944", "The address to expose Prometheus metrics.") + namespace = os.Getenv("NAMESPACE") + webhookAddress = flag.String("webhookHostName", "", "Address under which webhook is registered. Used when registerByURL is set to true.") + webhookPort = flag.String("Server Port", "", "Server Port for Webhook") + registerByURL = flag.Bool("registerByURL", false, "If set to true, admission webhook will be registered by URL (webhookAddress:webhookPort) instead of by service name") ) func newReadyVPALister(stopChannel <-chan struct{}) vpa_lister.VerticalPodAutoscalerLister { @@ -75,6 +79,7 @@ func main() { Addr: ":8000", TLSConfig: configTLS(clientset, certs.serverCert, certs.serverKey), } - go selfRegistration(clientset, certs.caCert, &namespace) + url := fmt.Sprintf("%v:%v", webhookAddress, webhookPort) + go selfRegistration(clientset, certs.caCert, &namespace, url, *registerByURL) server.ListenAndServeTLS("", "") }