shoot

package
v1.62.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 15, 2023 License: Apache-2.0, BSD-2-Clause, MIT, + 1 more Imports: 22 Imported by: 16

Documentation

Index

Constants

View Source 
const (
	// WebhookName is the name of the shoot webhook.
	WebhookName = "shoot"
	// KindSystem is used for webhooks which should only apply to the to the kube-system namespace.
	KindSystem = "system"
)

Variables

This section is empty.

Functions

func EnsureNetworkPolicy 

func EnsureNetworkPolicy(ctx context.Context, c client.Client, namespace, extensionName string, port int) error

EnsureNetworkPolicy ensures that the required network policy that allows the kube-apiserver running in the given namespace to talk to the extension webhook is installed.

func GetNetworkPolicyMeta 

func GetNetworkPolicyMeta(namespace, extensionName string) *networkingv1.NetworkPolicy

GetNetworkPolicyMeta returns the network policy object with filled meta data.

func New added in v1.4.0 

func New(mgr manager.Manager, args Args) (*extensionswebhook.Webhook, error)

New creates a new webhook with the shoot as target cluster.

func ReconcileWebhookConfig added in v1.48.0 

func ReconcileWebhookConfig(
	ctx context.Context,
	c client.Client,
	namespace string,
	extensionName string,
	managedResourceName string,
	serverPort int,
	shootWebhookConfig *admissionregistrationv1.MutatingWebhookConfiguration,
	cluster *controller.Cluster,
) error

ReconcileWebhookConfig deploys the shoot webhook configuration, i.e., a network policy to allow the kube-apiserver to talk to the extension, and a managed resource that contains the MutatingWebhookConfiguration.

func ReconcileWebhooksForAllNamespaces added in v1.48.0 

func ReconcileWebhooksForAllNamespaces(
	ctx context.Context,
	c client.Client,
	extensionName string,
	managedResourceName string,
	shootNamespaceSelector map[string]string,
	port int,
	shootWebhookConfig *admissionregistrationv1.MutatingWebhookConfiguration,
) error

ReconcileWebhooksForAllNamespaces reconciles the shoot webhooks in all shoot namespaces of the given provider type. This is necessary in case the webhook port is changed (otherwise, the network policy would only be updated again as part of the ControlPlane reconciliation which might only happen in the next 24h).

Types

type Args added in v1.4.0 

type Args struct {
	// Types is a list of resource types.
	Types []extensionswebhook.Type
	// Mutator is a mutator to be used by the admission handler. It doesn't need the shoot client.
	Mutator extensionswebhook.Mutator
	// MutatorWithShootClient is a mutator to be used by the admission handler. It needs the shoot client.
	MutatorWithShootClient extensionswebhook.MutatorWithShootClient
	// FailurePolicy is the failure policy for the webhook (defaults to Ignore).
	FailurePolicy *admissionregistrationv1.FailurePolicyType
}

Args are arguments for creating a webhook targeting a shoot.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.