mirror of
https://github.com/kubevirt/containerized-data-importer.git
synced 2025-06-03 06:30:22 +00:00
148 lines
4.6 KiB
Go
148 lines
4.6 KiB
Go
/*
|
|
Copyright 2018 The Kubernetes Authors.
|
|
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
you may not use this file except in compliance with the License.
|
|
You may obtain a copy of the License at
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
See the License for the specific language governing permissions and
|
|
limitations under the License.
|
|
*/
|
|
|
|
package main
|
|
|
|
import (
|
|
"flag"
|
|
"os"
|
|
|
|
admissionregistrationv1beta1 "k8s.io/api/admissionregistration/v1beta1"
|
|
appsv1 "k8s.io/api/apps/v1"
|
|
corev1 "k8s.io/api/core/v1"
|
|
apitypes "k8s.io/apimachinery/pkg/types"
|
|
_ "k8s.io/client-go/plugin/pkg/client/auth/gcp"
|
|
"sigs.k8s.io/controller-runtime/pkg/client/config"
|
|
"sigs.k8s.io/controller-runtime/pkg/controller"
|
|
"sigs.k8s.io/controller-runtime/pkg/handler"
|
|
"sigs.k8s.io/controller-runtime/pkg/manager"
|
|
logf "sigs.k8s.io/controller-runtime/pkg/runtime/log"
|
|
"sigs.k8s.io/controller-runtime/pkg/runtime/signals"
|
|
"sigs.k8s.io/controller-runtime/pkg/source"
|
|
"sigs.k8s.io/controller-runtime/pkg/webhook"
|
|
"sigs.k8s.io/controller-runtime/pkg/webhook/admission/builder"
|
|
)
|
|
|
|
var log = logf.Log.WithName("example-controller")
|
|
|
|
func main() {
|
|
var disableWebhookConfigInstaller bool
|
|
flag.BoolVar(&disableWebhookConfigInstaller, "disable-webhook-config-installer", false,
|
|
"disable the installer in the webhook server, so it won't install webhook configuration resources during bootstrapping")
|
|
|
|
flag.Parse()
|
|
logf.SetLogger(logf.ZapLogger(false))
|
|
entryLog := log.WithName("entrypoint")
|
|
|
|
// Setup a Manager
|
|
entryLog.Info("setting up manager")
|
|
mgr, err := manager.New(config.GetConfigOrDie(), manager.Options{})
|
|
if err != nil {
|
|
entryLog.Error(err, "unable to set up overall controller manager")
|
|
os.Exit(1)
|
|
}
|
|
|
|
// Setup a new controller to Reconciler ReplicaSets
|
|
entryLog.Info("Setting up controller")
|
|
c, err := controller.New("foo-controller", mgr, controller.Options{
|
|
Reconciler: &reconcileReplicaSet{client: mgr.GetClient(), log: log.WithName("reconciler")},
|
|
})
|
|
if err != nil {
|
|
entryLog.Error(err, "unable to set up individual controller")
|
|
os.Exit(1)
|
|
}
|
|
|
|
// Watch ReplicaSets and enqueue ReplicaSet object key
|
|
if err := c.Watch(&source.Kind{Type: &appsv1.ReplicaSet{}}, &handler.EnqueueRequestForObject{}); err != nil {
|
|
entryLog.Error(err, "unable to watch ReplicaSets")
|
|
os.Exit(1)
|
|
}
|
|
|
|
// Watch Pods and enqueue owning ReplicaSet key
|
|
if err := c.Watch(&source.Kind{Type: &corev1.Pod{}},
|
|
&handler.EnqueueRequestForOwner{OwnerType: &appsv1.ReplicaSet{}, IsController: true}); err != nil {
|
|
entryLog.Error(err, "unable to watch Pods")
|
|
os.Exit(1)
|
|
}
|
|
|
|
// Setup webhooks
|
|
entryLog.Info("setting up webhooks")
|
|
mutatingWebhook, err := builder.NewWebhookBuilder().
|
|
Name("mutating.k8s.io").
|
|
Mutating().
|
|
Operations(admissionregistrationv1beta1.Create, admissionregistrationv1beta1.Update).
|
|
WithManager(mgr).
|
|
ForType(&corev1.Pod{}).
|
|
Handlers(&podAnnotator{}).
|
|
Build()
|
|
if err != nil {
|
|
entryLog.Error(err, "unable to setup mutating webhook")
|
|
os.Exit(1)
|
|
}
|
|
|
|
validatingWebhook, err := builder.NewWebhookBuilder().
|
|
Name("validating.k8s.io").
|
|
Validating().
|
|
Operations(admissionregistrationv1beta1.Create, admissionregistrationv1beta1.Update).
|
|
WithManager(mgr).
|
|
ForType(&corev1.Pod{}).
|
|
Handlers(&podValidator{}).
|
|
Build()
|
|
if err != nil {
|
|
entryLog.Error(err, "unable to setup validating webhook")
|
|
os.Exit(1)
|
|
}
|
|
|
|
entryLog.Info("setting up webhook server")
|
|
as, err := webhook.NewServer("foo-admission-server", mgr, webhook.ServerOptions{
|
|
Port: 9876,
|
|
CertDir: "/tmp/cert",
|
|
DisableWebhookConfigInstaller: &disableWebhookConfigInstaller,
|
|
BootstrapOptions: &webhook.BootstrapOptions{
|
|
Secret: &apitypes.NamespacedName{
|
|
Namespace: "default",
|
|
Name: "foo-admission-server-secret",
|
|
},
|
|
|
|
Service: &webhook.Service{
|
|
Namespace: "default",
|
|
Name: "foo-admission-server-service",
|
|
// Selectors should select the pods that runs this webhook server.
|
|
Selectors: map[string]string{
|
|
"app": "foo-admission-server",
|
|
},
|
|
},
|
|
},
|
|
})
|
|
if err != nil {
|
|
entryLog.Error(err, "unable to create a new webhook server")
|
|
os.Exit(1)
|
|
}
|
|
|
|
entryLog.Info("registering webhooks to the webhook server")
|
|
err = as.Register(mutatingWebhook, validatingWebhook)
|
|
if err != nil {
|
|
entryLog.Error(err, "unable to register webhooks in the admission server")
|
|
os.Exit(1)
|
|
}
|
|
|
|
entryLog.Info("starting manager")
|
|
if err := mgr.Start(signals.SetupSignalHandler()); err != nil {
|
|
entryLog.Error(err, "unable to run manager")
|
|
os.Exit(1)
|
|
}
|
|
}
|