Kubernetes Admission webhook for Statefulset
Question
I created an admission webhook in Kubernetes including resources for deployments and StatefulSet.
The mutation webhook works on Deployments but not in StatefulSets.
I tried searching in documentations, but the example is only on deployments and ReplicaSets.
Are admission controllers supported in StatefulSets in Kubernetes? I am using the 1.16 version.
In the documentation:
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
...
webhooks:
- name: my-webhook.example.com
rules:
- operations: ["CREATE", "UPDATE"]
apiGroups: ["apps"]
apiVersions: ["v1", "v1beta1"]
resources: ["deployments", "replicasets"]
scope: "Namespaced"
Please advise.
1 answers
solution1
2 ACCPTED 2020-07-16 03:24:56
It should be, for example, the PingCap TiDB operator has an option to enable/disable the admission controller for the StatefulSet it manages.
I'm not really sure what behavior you are seeing? It's not allowing you to create a StatefulSet? If yes, you can start you with '*' values and work your way down. For example, allow all namespaces:
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
...
webhooks:
- name: my-webhook.example.com
rules:
- operations: ["CREATE", "UPDATE"]
apiGroups: ["apps"]
apiVersions: ["v1", "v1beta1"]
resources: ["deployments", "replicasets", "statefulsets"]
scope: "*"
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.