From c4a0a15e4a479f6bab6137163993e3cad7f37207 Mon Sep 17 00:00:00 2001 From: Yatin Karel Date: Fri, 5 Sep 2025 11:29:48 +0530 Subject: [PATCH] Make local webhook port configurable Will be helpful when running multiple operators locally --- Makefile | 1 + hack/run_with_local_webhook.sh | 23 ++++++++++++----------- main.go | 4 +++- 3 files changed, 16 insertions(+), 12 deletions(-) diff --git a/Makefile b/Makefile index aa0d4c18..528fb24b 100644 --- a/Makefile +++ b/Makefile @@ -353,6 +353,7 @@ SKIP_CERT ?=false run-with-webhook: export METRICS_PORT?=8080 run-with-webhook: export HEALTH_PORT?=8081 run-with-webhook: export PPROF_PORT?=8082 +run-with-webhook: export WEBHOOK_PORT?=9443 run-with-webhook: manifests generate fmt vet ## Run a controller from your host. /bin/bash hack/run_with_local_webhook.sh diff --git a/hack/run_with_local_webhook.sh b/hack/run_with_local_webhook.sh index a85d7a78..9bbd24a4 100755 --- a/hack/run_with_local_webhook.sh +++ b/hack/run_with_local_webhook.sh @@ -15,10 +15,11 @@ TMPDIR=${TMPDIR:-"/tmp/k8s-webhook-server/serving-certs"} SKIP_CERT=${SKIP_CERT:-false} CRC_IP=${CRC_IP:-$(/sbin/ip -o -4 addr list crc | awk '{print $4}' | cut -d/ -f1)} FIREWALL_ZONE=${FIREWALL_ZONE:-"libvirt"} +WEBHOOK_PORT=${WEBHOOK_PORT:-${WEBHOOK_PORT}} -#Open 9443 +#Open ${WEBHOOK_PORT} if systemctl is-enabled firewalld; then - sudo firewall-cmd --zone=${FIREWALL_ZONE} --add-port=9443/tcp + sudo firewall-cmd --zone=${FIREWALL_ZONE} --add-port=${WEBHOOK_PORT}/tcp sudo firewall-cmd --runtime-to-permanent fi @@ -50,7 +51,7 @@ webhooks: - v1 clientConfig: caBundle: ${CA_BUNDLE} - url: https://${CRC_IP}:9443/validate-telemetry-openstack-org-v1beta1-autoscaling + url: https://${CRC_IP}:${WEBHOOK_PORT}/validate-telemetry-openstack-org-v1beta1-autoscaling failurePolicy: Fail matchPolicy: Equivalent name: vautoscaling.kb.io @@ -78,7 +79,7 @@ webhooks: - v1 clientConfig: caBundle: ${CA_BUNDLE} - url: https://${CRC_IP}:9443/mutate-telemetry-openstack-org-v1beta1-autoscaling + url: https://${CRC_IP}:${WEBHOOK_PORT}/mutate-telemetry-openstack-org-v1beta1-autoscaling failurePolicy: Fail matchPolicy: Equivalent name: mautoscaling.kb.io @@ -106,7 +107,7 @@ webhooks: - v1 clientConfig: caBundle: ${CA_BUNDLE} - url: https://${CRC_IP}:9443/validate-telemetry-openstack-org-v1beta1-ceilometer + url: https://${CRC_IP}:${WEBHOOK_PORT}/validate-telemetry-openstack-org-v1beta1-ceilometer failurePolicy: Fail matchPolicy: Equivalent name: vtelemetry.kb.io @@ -134,7 +135,7 @@ webhooks: - v1 clientConfig: caBundle: ${CA_BUNDLE} - url: https://${CRC_IP}:9443/mutate-telemetry-openstack-org-v1beta1-ceilometer + url: https://${CRC_IP}:${WEBHOOK_PORT}/mutate-telemetry-openstack-org-v1beta1-ceilometer failurePolicy: Fail matchPolicy: Equivalent name: mtelemetry.kb.io @@ -162,7 +163,7 @@ webhooks: - v1 clientConfig: caBundle: ${CA_BUNDLE} - url: https://${CRC_IP}:9443/validate-telemetry-openstack-org-v1beta1-telemetry + url: https://${CRC_IP}:${WEBHOOK_PORT}/validate-telemetry-openstack-org-v1beta1-telemetry failurePolicy: Fail matchPolicy: Equivalent name: vtelemetry.kb.io @@ -190,7 +191,7 @@ webhooks: - v1 clientConfig: caBundle: ${CA_BUNDLE} - url: https://${CRC_IP}:9443/mutate-telemetry-openstack-org-v1beta1-telemetry + url: https://${CRC_IP}:${WEBHOOK_PORT}/mutate-telemetry-openstack-org-v1beta1-telemetry failurePolicy: Fail matchPolicy: Equivalent name: mtelemetry.kb.io @@ -218,7 +219,7 @@ webhooks: - v1 clientConfig: caBundle: ${CA_BUNDLE} - url: https://${CRC_IP}:9443/validate-telemetry-openstack-org-v1beta1-metricstorage + url: https://${CRC_IP}:${WEBHOOK_PORT}/validate-telemetry-openstack-org-v1beta1-metricstorage failurePolicy: Fail matchPolicy: Equivalent name: vmetricstorage.kb.io @@ -246,7 +247,7 @@ webhooks: - v1 clientConfig: caBundle: ${CA_BUNDLE} - url: https://${CRC_IP}:9443/mutate-telemetry-openstack-org-v1beta1-metricstorage + url: https://${CRC_IP}:${WEBHOOK_PORT}/mutate-telemetry-openstack-org-v1beta1-metricstorage failurePolicy: Fail matchPolicy: Equivalent name: mmetricstorage.kb.io @@ -302,4 +303,4 @@ else oc scale --replicas=0 -n openstack-operators deploy/telemetry-operator-controller-manager fi -go run ./main.go -metrics-bind-address ":${METRICS_PORT}" -health-probe-bind-address ":${HEALTH_PORT}" -pprof-bind-address ":${PPROF_PORT}" +go run ./main.go -metrics-bind-address ":${METRICS_PORT}" -health-probe-bind-address ":${HEALTH_PORT}" -pprof-bind-address ":${PPROF_PORT}" -webhook-bind-address "${WEBHOOK_PORT}" diff --git a/main.go b/main.go index 7ad8832d..7d42c379 100644 --- a/main.go +++ b/main.go @@ -91,11 +91,13 @@ func main() { var enableLeaderElection bool var probeAddr string var pprofBindAddress string + var webhookPort int var enableHTTP2 bool flag.BoolVar(&enableHTTP2, "enable-http2", enableHTTP2, "If HTTP/2 should be enabled for the metrics and webhook servers.") flag.StringVar(&metricsAddr, "metrics-bind-address", ":8083", "The address the metric endpoint binds to.") flag.StringVar(&probeAddr, "health-probe-bind-address", ":8084", "The address the probe endpoint binds to.") flag.StringVar(&pprofBindAddress, "pprof-bind-address", "", "The address the pprof endpoint binds to. Set to empty to disable pprof.") + flag.IntVar(&webhookPort, "webhook-bind-address", 9443, "The port the webhook server binds to.") flag.BoolVar(&enableLeaderElection, "leader-elect", false, "Enable leader election for controller manager. "+ "Enabling this will ensure there is only one active controller manager.") @@ -125,7 +127,7 @@ func main() { PprofBindAddress: pprofBindAddress, WebhookServer: webhook.NewServer( webhook.Options{ - Port: 9443, + Port: webhookPort, TLSOpts: []func(config *tls.Config){disableHTTP2}, }), }