
Commit 67d4817

authored
✨ Networking config for default mode webhooks (#379)
* Networking configuration options for webhooks Signed-off-by: Ben Perry <[email protected]> * BindConfiguration with int ports Signed-off-by: Ben Perry <[email protected]> * Update Signed-off-by: Ben Perry <[email protected]> --------- Signed-off-by: Ben Perry <[email protected]>
1 parent c0d6364 commit 67d4817


4 files changed

+308
-39
lines changed


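--- a/operator/v1/0000_01_operator.open-cluster-management.io_clustermanagers.crd.yaml
+++ b/operator/v1/0000_01_operator.open-cluster-management.io_clustermanagers.crd.yaml
@@ -91,6 +91,89 @@ spec:
 DeployOption contains the options of deploying a cluster-manager
 Default mode is used if DeployOption is not set.
 properties:
+default:
+description: Default includes optional configurations for clustermanager
+in the Default mode.
+properties:
+registrationWebhookConfiguration:
+description: RegistrationWebhookConfiguration represents the
+customized webhook-server configuration of registration.
+properties:
+bindConfiguration:
+description: BindConfiguration represents server bind
+configuration for the webhook server
+properties:
+healthProbePort:
+default: 8000
+description: |-
+HealthProbePort represents the bind port of a webhook-server's healthcheck endpoint. The default value is 8000.
+Healthchecks may be disabled by setting a value less than or equal to 0.
+format: int32
+maximum: 65535
+type: integer
+hostNetwork:
+description: |-
+HostNetwork enables running webhook pods in host networking mode.
+This may be required in some installations, such as EKS with Calico CNI,
+to allow the API Server to communicate with the webhook pods.
+type: boolean
+metricsPort:
+default: 8080
+description: |-
+MetricsPort represents the bind port for a webhook-server's metric endpoint. The default value is 8080.
+Metrics may be disabled by setting a value less than or equal to 0.
+format: int32
+maximum: 65535
+type: integer
+port:
+default: 9443
+description: Port represents the primary bind port
+of a server. The default value is 9443.
+format: int32
+maximum: 65535
+type: integer
+type: object
+type: object
+workWebhookConfiguration:
+description: WorkWebhookConfiguration represents the customized
+webhook-server configuration of work.
+properties:
+bindConfiguration:
+description: BindConfiguration represents server bind
+configuration for the webhook server
+properties:
+healthProbePort:
+default: 8000
+description: |-
+HealthProbePort represents the bind port of a webhook-server's healthcheck endpoint. The default value is 8000.
+Healthchecks may be disabled by setting a value less than or equal to 0.
+format: int32
+maximum: 65535
+type: integer
+hostNetwork:
+description: |-
+HostNetwork enables running webhook pods in host networking mode.
+This may be required in some installations, such as EKS with Calico CNI,
+to allow the API Server to communicate with the webhook pods.
+type: boolean
+metricsPort:
+default: 8080
+description: |-
+MetricsPort represents the bind port for a webhook-server's metric endpoint. The default value is 8080.
+Metrics may be disabled by setting a value less than or equal to 0.
+format: int32
+maximum: 65535
+type: integer
+port:
+default: 9443
+description: Port represents the primary bind port
+of a server. The default value is 9443.
+format: int32
+maximum: 65535
+type: integer
+type: object
+type: object
+type: object
 hosted:
 description: Hosted includes configurations we need for clustermanager
 in the Hosted mode.
@@ -106,9 +189,43 @@ spec:
 The Address must be reachable by apiserver of the hub cluster.
 pattern: ^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$
 type: string
+bindConfiguration:
+description: BindConfiguration represents server bind
+configuration for the webhook server
+properties:
+healthProbePort:
+default: 8000
+description: |-
+HealthProbePort represents the bind port of a webhook-server's healthcheck endpoint. The default value is 8000.
+Healthchecks may be disabled by setting a value less than or equal to 0.
+format: int32
+maximum: 65535
+type: integer
+hostNetwork:
+description: |-
+HostNetwork enables running webhook pods in host networking mode.
+This may be required in some installations, such as EKS with Calico CNI,
+to allow the API Server to communicate with the webhook pods.
+type: boolean
+metricsPort:
+default: 8080
+description: |-
+MetricsPort represents the bind port for a webhook-server's metric endpoint. The default value is 8080.
+Metrics may be disabled by setting a value less than or equal to 0.
+format: int32
+maximum: 65535
+type: integer
+port:
+default: 9443
+description: Port represents the primary bind port
+of a server. The default value is 9443.
+format: int32
+maximum: 65535
+type: integer
+type: object
 port:
 default: 443
-description: Port represents the port of a webhook-server.
+description: Port represents the external port of a webhook-server.
 The default value of Port is 443.
 format: int32
 maximum: 65535
@@ -127,9 +244,43 @@ spec:
 The Address must be reachable by apiserver of the hub cluster.
 pattern: ^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$
 type: string
+bindConfiguration:
+description: BindConfiguration represents server bind
+configuration for the webhook server
+properties:
+healthProbePort:
+default: 8000
+description: |-
+HealthProbePort represents the bind port of a webhook-server's healthcheck endpoint. The default value is 8000.
+Healthchecks may be disabled by setting a value less than or equal to 0.
+format: int32
+maximum: 65535
+type: integer
+hostNetwork:
+description: |-
+HostNetwork enables running webhook pods in host networking mode.
+This may be required in some installations, such as EKS with Calico CNI,
+to allow the API Server to communicate with the webhook pods.
+type: boolean
+metricsPort:
+default: 8080
+description: |-
+MetricsPort represents the bind port for a webhook-server's metric endpoint. The default value is 8080.
+Metrics may be disabled by setting a value less than or equal to 0.
+format: int32
+maximum: 65535
+type: integer
+port:
+default: 9443
+description: Port represents the primary bind port
+of a server. The default value is 9443.
+format: int32
+maximum: 65535
+type: integer
+type: object
 port:
 default: 443
-description: Port represents the port of a webhook-server.
+description: Port represents the external port of a webhook-server.
 The default value of Port is 443.
 format: int32
 maximum: 65535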

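--- a/operator/v1/types_clustermanager.go
+++ b/operator/v1/types_clustermanager.go
@@ -281,19 +281,65 @@ const (
 FeatureGateModeTypeDisable FeatureGateModeType = "Disable"
 )
 
+// DefaultClusterManagerConfiguration represents customized configurations for clustermanager in the Default mode.
+type DefaultClusterManagerConfiguration struct {
+// RegistrationWebhookConfiguration represents the customized webhook-server configuration of registration.
+// +optional
+RegistrationWebhookConfiguration DefaultWebhookConfiguration `json:"registrationWebhookConfiguration,omitempty"`
+
+// WorkWebhookConfiguration represents the customized webhook-server configuration of work.
+// +optional
+WorkWebhookConfiguration DefaultWebhookConfiguration `json:"workWebhookConfiguration,omitempty"`
+}
+
 // HostedClusterManagerConfiguration represents customized configurations we need to set for clustermanager in the Hosted mode.
 type HostedClusterManagerConfiguration struct {
 // RegistrationWebhookConfiguration represents the customized webhook-server configuration of registration.
 // +optional
-RegistrationWebhookConfiguration WebhookConfiguration `json:"registrationWebhookConfiguration,omitempty"`
+RegistrationWebhookConfiguration HostedWebhookConfiguration `json:"registrationWebhookConfiguration,omitempty"`
 
 // WorkWebhookConfiguration represents the customized webhook-server configuration of work.
 // +optional
-WorkWebhookConfiguration WebhookConfiguration `json:"workWebhookConfiguration,omitempty"`
+WorkWebhookConfiguration HostedWebhookConfiguration `json:"workWebhookConfiguration,omitempty"`
 }
 
-// WebhookConfiguration has two properties: Address and Port.
-type WebhookConfiguration struct {
+// BindConfiguration represents customization of server bindings
+type BindConfiguration struct {
+// Port represents the primary bind port of a server. The default value is 9443.
+// +optional
+// +kubebuilder:default=9443
+// +kubebuilder:validation:Maximum=65535
+Port int32 `json:"port,omitempty"`
+
+// HealthProbePort represents the bind port of a webhook-server's healthcheck endpoint. The default value is 8000.
+// Healthchecks may be disabled by setting a value less than or equal to 0.
+// +optional
+// +kubebuilder:default=8000
+// +kubebuilder:validation:Maximum=65535
+HealthProbePort int32 `json:"healthProbePort"`
+
+// MetricsPort represents the bind port for a webhook-server's metric endpoint. The default value is 8080.
+// Metrics may be disabled by setting a value less than or equal to 0.
+// +optional
+// +kubebuilder:default=8080
+// +kubebuilder:validation:Maximum=65535
+MetricsPort int32 `json:"metricsPort"`
+
+// HostNetwork enables running webhook pods in host networking mode.
+// This may be required in some installations, such as EKS with Calico CNI,
+// to allow the API Server to communicate with the webhook pods.
+// +optional
+HostNetwork bool `json:"hostNetwork,omitempty"`
+}
+
+// DefaultWebhookConfiguration represents customization of webhook servers running in default installation mode
+type DefaultWebhookConfiguration struct {
+// BindConfiguration represents server bind configuration for the webhook server
+BindConfiguration *BindConfiguration `json:"bindConfiguration,omitempty"`
+}
+
+// HostedWebhookConfiguration represents customization of webhook servers running in hosted installation mode
+type HostedWebhookConfiguration struct {
 // Address represents the address of a webhook-server.
 // It could be in IP format or fqdn format.
 // The Address must be reachable by apiserver of the hub cluster.
@@ -302,11 +348,14 @@ type WebhookConfiguration struct {
 // +kubebuilder:validation:Pattern=^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$
 Address string `json:"address"`
 
-// Port represents the port of a webhook-server. The default value of Port is 443.
+// Port represents the external port of a webhook-server. The default value of Port is 443.
 // +optional
 // +kubebuilder:default=443
 // +kubebuilder:validation:Maximum=65535
 Port int32 `json:"port,omitempty"`
+
+// BindConfiguration represents server bind configuration for the webhook server
+BindConfiguration *BindConfiguration `json:"bindConfiguration,omitempty"`
 }
 
 // ClusterManagerDeployOption describes the deployment options for cluster-manager
@@ -323,6 +372,10 @@ type ClusterManagerDeployOption struct {
 // +kubebuilder:validation:Enum=Default;Hosted
 Mode InstallMode `json:"mode,omitempty"`
 
+// Default includes optional configurations for clustermanager in the Default mode.
+// +optional
+Default *DefaultClusterManagerConfiguration `json:"default,omitempty"`
+
 // Hosted includes configurations we need for clustermanager in the Hosted mode.
 // +optional
 Hosted *HostedClusterManagerConfiguration `json:"hosted,omitempty"`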
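Review bot: The `HostNetwork` field comment in `BindConfiguration` (first hunk) describes only the connectivity benefit and leaves out what the setting exposes: with host networking the webhook, health-probe and metrics listeners (9443, 8000 and 8080 by default) bind in the node's network namespace, where pod-scoped NetworkPolicy is commonly not enforced. I would add that to the doc comment, e.g. `// When enabled, Port, HealthProbePort and MetricsPort are opened on the node itself; restrict access to them at the node firewall or security group and choose ports that do not collide with node services.` Also, `Port` has `+kubebuilder:validation:Maximum=65535` but no lower bound, so a negative value passes schema validation unless the operator checks it elsewhere (not visible here); `// +kubebuilder:validation:Minimum=1` on `Port` would close that, while `HealthProbePort` and `MetricsPort` deliberately accept `<= 0` as "disabled". The same `BindConfiguration` is reused by `HostedWebhookConfiguration` in the second hunk, so both install modes inherit whatever is decided here.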
