1
1
# Webhooks
2
2
3
3
Kubernetes supports various webhooks to extend the normal api behaviour
4
- of the master api. Those are documented on the
4
+ of the master api. Those are documented on the
5
5
[ kubernetes website] ( https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/ ) .
6
6
7
7
` KubeOps ` supports the following webhooks out of the box:
8
+
8
9
- Validator / Validation
9
10
- Mutator / Mutation
10
11
@@ -24,6 +25,7 @@ generate a CA certificate for you.
24
25
25
26
So if you add a webhook to your operator the following changes
26
27
to the normal deployment of the operator will happen:
28
+
27
29
1 . During "after build" phase, the sdk will generate
28
30
a CA-certificate for self signed certificates for you.
29
31
2 . The ca certificate and the corresponding key are added
@@ -61,9 +63,64 @@ trigger a POST call to the operator.
61
63
62
64
## Local development
63
65
64
- It is possible to test webhooks locally. For this, you need
65
- to register the webhook via dependency injection with the corresponding
66
- method (in the builder) and then start your operator.
66
+ It is possible to test / debug webhooks locally. For this, you need
67
+ to implement the webhook and use assembly-scanning (or the
68
+ operator builder if you disabled scanning) to register
69
+ the webhook type.
70
+
71
+ There are two possibilities to tell Kubernetes that it should
72
+ call your local running operator for the webhooks. The url
73
+ that Kubernetes addresses _ must_ be an HTTPS address.
74
+
75
+ ### Using ` AddWebhookLocaltunnel `
76
+
77
+ In your ` Startup.cs ` you can use the ` IOperatorBuilder `
78
+ method ` AddWebhookLocaltunnel ` to add an automatic
79
+ localtunnel instance to your operator.
80
+
81
+ This will cause the operator to register a hosted service that
82
+ creates a tunnel and then registers itself to Kubernetes
83
+ with the created proxy-url. Now all calls are automatically
84
+ forwarded via HTTPS to your operator.
85
+
86
+ ``` csharp
87
+ namespace KubeOps .TestOperator
88
+ {
89
+ public class Startup
90
+ {
91
+ public void ConfigureServices (IServiceCollection services )
92
+ {
93
+ services
94
+ .AddKubernetesOperator ()
95
+ #if DEBUG
96
+ .AddWebhookLocaltunnel ()
97
+ #endif
98
+ ;
99
+ services .AddTransient <IManager , TestManager .TestManager >();
100
+ }
101
+
102
+ public void Configure (IApplicationBuilder app )
103
+ {
104
+ app .UseKubernetesOperator ();
105
+ }
106
+ }
107
+ }
108
+ ```
109
+
110
+ > [ !WARNING]
111
+ > It is _ strongly_ advices against using auto-webhooks
112
+ > with localtunnel in production. This feature
113
+ > is intended to improve the developer experience
114
+ > while coding operators.
115
+
116
+ > [ !NOTE]
117
+ > Some IDEs (like Rider from JetBrains) do not correctly
118
+ > terminate debugged applications. Hence, the
119
+ > webhook registration remains in Kubernetes. If you remove
120
+ > webhooks from your operator, you need to remove the
121
+ > registration within Kubernetes as well.
122
+
123
+ ### Using external proxy
67
124
68
125
The operator will run on a specific http address, depending on your
69
126
configuration.
@@ -87,6 +144,7 @@ Webhooks are registered in a **scoped** manner to the DI system.
87
144
They behave like asp.net api controller.
88
145
89
146
The implementation of a validator is fairly simple:
147
+
90
148
- Create a class somewhere in your project.
91
149
- Implement the @"KubeOps.Operator.Webhooks.IValidationWebhook`1" interface.
92
150
- Define the @"KubeOps.Operator.Webhooks.IAdmissionWebhook`2.Operations"
@@ -138,6 +196,7 @@ the object that is later passed to the validators and to the Kubernetes
138
196
API.
139
197
140
198
The implementation of a mutator is fairly simple:
199
+
141
200
- Create a class somewhere in your project.
142
201
- Implement the @"KubeOps.Operator.Webhooks.IMutationWebhook`1" interface.
143
202
- Define the @"KubeOps.Operator.Webhooks.IAdmissionWebhook`2.Operations"
0 commit comments