tailhook

module
v0.0.0-...-dfd46a3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 1, 2021 License: MIT

README

Tailhook

Tailhook is a webhook server that injects a sidecar during MutatingWebhook phase a sidecar of your choice to any of the Deployments annotated with a certain label.

Build

  1. Build binary
# make build
  1. Build docker image
# make build-image
  1. push docker image
# make push-image

Note: log into the docker registry before pushing the image.

Deploy

  1. Create namespace tailhook in which the webhook server will get deployed:
# kubectl create ns tailhook
  1. Create a signed cert/key pair and store it in a Kubernetes secret that will be consumed by sidecar injector deployment:
# make create-signed-cert
  1. Patch the MutatingWebhookConfiguration by set caBundle with correct value from Kubernetes cluster:
# make patch-ca
  1. Deploy resources:
# helm install tailhook -n tailhook

you can use your own namespace and value file and configure as many containers as you want, all of em will get injected as sidecars.

Test the POC

  1. The sidecar inject webhook should be in running state:
# kubectl -n tailhook get po
NAME                                                   READY   STATUS    RESTARTS   AGE
tailhook-webhook-deployment-7c8bc5f4c9-28c84   1/1     Running   0          10s
# kubectl -n sidecar-injector get deploy
NAME                                  READY   UP-TO-DATE   AVAILABLE   AGE
tailhook-webhook-deployment   1/1     1            1           50s
  1. Create new namespace test and label it with sidecar-injector=enabled:
# kubectl create ns injection
# kubectl label namespace injection sidecar-injection=enabled
# kubectl get namespace -l sidecar-injection
NAME                 STATUS   AGE   SIDECAR-INJECTION
default              Active   26m
test                 Active   13s   enabled
kube-public          Active   26m
kube-system          Active   26m
tailhook             Active   17m
  1. Deploy an app in Kubernetes cluster, take alpine app as an example
# kubectl run alpine --image=alpine --restart=Never -n injection --overrides='{"apiVersion":"v1","metadata":{"annotations":{"tailhook-webhook.4lane.legit/inject":"yes"}}}' --command -- sleep infinity
  1. Verify sidecar container is injected:
# kubectl get pod
NAME                     READY     STATUS        RESTARTS   AGE
alpine                   2/2       Running       0          1m
# kubectl -n injection get pod alpine -o jsonpath="{.spec.containers[*].name}"

alpine sidecar-nginx

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.