https://github.com/petergrace/ndots-webhook
An admission controller webhook to set ndots on pods by annotation
https://github.com/petergrace/ndots-webhook
Last synced: 10 months ago
JSON representation
An admission controller webhook to set ndots on pods by annotation
- Host: GitHub
- URL: https://github.com/petergrace/ndots-webhook
- Owner: PeterGrace
- Created: 2020-11-24T14:47:48.000Z (over 5 years ago)
- Default Branch: main
- Last Pushed: 2020-11-28T02:45:19.000Z (over 5 years ago)
- Last Synced: 2025-04-09T08:44:45.944Z (about 1 year ago)
- Language: Rust
- Size: 43.9 KB
- Stars: 0
- Watchers: 2
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# ndots-webhook
[](https://drone.k.vsix.me/support/ndots-webhook)
I'm working on a MutatingWebhook for Kubernetes that will allow me to alter DNSOptions `ndots` for any pod in the system based on annotation.
The reason why I'm writing this is because helm charts and operators often don't include dnsconfig options in their specifications, but they generally
allow the pass-through of annotations into pods, which will allow me to dynamically change the pod spec via MutatingWebhook to facilitate this fix.
## How to install
The files in the repo assume you're installing the service to ndots-webhook, namespace ndots-webhook. If you don't want this, you'll need to edit the files in deploy/ to coincide with the changes. No helm charts here yet, but I may create some in the future.
1. Clone this repo.
1. Create a new webhook tls key pair.
```
service= namespace= secret= ./deploy/webhook-create-signed-cert.sh
e.g.
service=ndots-webhook namespace=ndots-webhook secret=ndots-webhook ./deploy/webhook-create-signed-cert.sh
```
1. Copy the cert.pem payload out of that secret and put it into ./deploy/mutating_webhook.yaml under caBundle.
1. `kubectl apply -k ` in the deploy/ folder
NOTE: I use pod security policies in my kubernetes cluster. The psp object might not apply. Just delete it if you don't need it.