README
¶
network health admission controller
This admission controller acts as a MutatingAdmissionWebhook and adds network health sidecars to pods.
Installation
- install the dependencies
- download and verify setup.yaml
- deploy admission controller
kubectl apply -f setup.yaml
Dependencies
- Cert Manager is used to set up certificates to validate the webhook against the kubernetes control plane.
Usage
Enable admission controller for a namespace
Create a namespace and add the label network-health-sidecar/enabled: "true".
apiVersion: v1
kind: Namespace
metadata:
name: network-health-test
labels:
network-health-sidecar/enabled: "true"
All pods created in this namespace start with an additional network health sidecar container.
Disable for a pod
Create a pod and add the label network-health-sidecar/enabled: "false".
apiVersion: v1
kind: Pod
metadata:
name: network-health-test-pod-disabled
namespace: network-health-test
labels:
network-health-sidecar/enabled: "false"
spec:
containers:
- name: example
image: nginx
Pods with this label will skip the sidecar setup.
Use network port instead of unix socket
The sidecar communicates by default via a unix socket.
To communicate via a network port add the label network-health-sidecar/port: "8181".
apiVersion: v1
kind: Pod
metadata:
name: network-health-test-pod-disabled
namespace: network-health-test
labels:
network-health-sidecar/port: "8181"
spec:
containers:
- name: example
image: nginx
Pods with this label will use port 8181 and define a http redinessProbe instead of a exec readinessProbe.
local development
Documentation
¶
There is no documentation for this package.
Source Files
Click to show internal directories.
Click to hide internal directories.