README
¶
G8S Admission Controller
Giant Swarm Control Plane admission controller that implements the following rules:
-
In a
G8sControlPlaneresource, when the.spec.replicasis changed from 1 to 3, the Availability Zones of the accordingAWSControlPlanewill be defaulted if needed. -
In a
G8sControlPlaneresource, the replicas attribute will be defaulted if it is not defined.- For HA-Versions, in case the matching
AWSControlPlanealready exists, the number of AZs determines the value ofreplicas. In case no suchAWSControlPlaneexists, the default number of AZs is assigned. - For pre-HA versions, replicas is always set to 1 for a single master cluster.
- For HA-Versions, in case the matching
-
In a
G8sControlPlaneresource, the infrastructure reference will be set to point to the matchingAWSControlPlaneresource if it already exists. -
In an
AWSControlPlaneresource, the Availability Zones will be defaulted if they arenil.- For HA-Versions, in case the matching
G8sControlPlanealready exists, the number of AZs is determined by the number ofreplicasdefined there. In case no suchG8sControlPlaneexists, the default number of AZs is assigned. - For Pre-HA-Versions, in case the matching
AWSClusteralready exists, the AZ is taken from there.
- For HA-Versions, in case the matching
-
In an
AWSControlPlaneresource, the Instance Type will be defaulted if it is not defined.- For HA-Versions, the default Instance Type is chosen.
- For Pre-HA-Versions, in case the matching
AWSClusteralready exists, the Instance Type is taken from there.
-
On creation of an
AWSControlPlaneresource, the infrastructure reference of the accordingG8sControlPlanewill be set if needed. -
When a new
AWSMachineDeploymentis created, details are logged.
The certificates for the webhook are created with CertManager and injected through the CA Injector.
Ownership
Firecracker Team
Local Development
Testing the admission-controller in a kind cluster on your local machine:
kind create cluster
# Build a linux image
CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build .
docker build . -t admission-controller:dev
kind load docker-image admission-controller:dev
# Make sure the Custom Resource Definitions are in place
opsctl ensure crds -k "$(kind get kubeconfig)" -p aws
# Insert the certificate
kubectl apply --context kind-kind -f local_dev/certmanager.yml
## Wait until certmanager is up
kubectl apply --context kind-kind -f local_dev/clusterissuer.yml
helm template admission-controller -f helm/admission-controller/ci/default-values.yaml helm/admission-controller > local_dev/deploy.yaml
## Replace image name with admission-controller:dev
kubectl apply --context kind-kind -f local_dev/deploy.yaml
kind delete cluster
Changelog
See Releases
Contact
- Bugs: issues
- Please visit https://www.giantswarm.io/responsible-disclosure for information on reporting security issues.
Contributing, reporting bugs
See CONTRIBUTING for details on submitting patches, the contribution workflow as well as reporting bugs.
Publishing a release
See docs/Release.md
Add a new webhook
See docs/webhook.md
Writing tests
See docs/tests.md
Documentation
¶
There is no documentation for this package.
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
pkg
|
|
|
aws/awsmachinedeployment
Package awsmachinedeployment intercepts write activity to AWSMachineDeployment objects.
|
Package awsmachinedeployment intercepts write activity to AWSMachineDeployment objects. |