Allow vpa-admission-controler to installl on specific path

kubernetes · Feb 25, 2019 · a066aac · a066aac
1 parent 0a82f0e
commit a066aac
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 14 deletions.
diff --git a/vertical-pod-autoscaler/pkg/admission-controller/config.go b/vertical-pod-autoscaler/pkg/admission-controller/config.go
@@ -1,12 +1,9 @@
 /*
 Copyright 2018 The Kubernetes Authors.
-
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
-
     http://www.apache.org/licenses/LICENSE-2.0
-
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -82,7 +79,7 @@ func configTLS(clientset *kubernetes.Clientset, serverCert, serverKey []byte) *t
 
 // register this webhook admission controller with the kube-apiserver
 // by creating MutatingWebhookConfiguration.
-func selfRegistration(clientset *kubernetes.Clientset, caCert []byte, namespace *string) {
+func selfRegistration(clientset *kubernetes.Clientset, caCert []byte, namespace *string, url *string, registerByURL *bool) {
 	time.Sleep(10 * time.Second)
 	client := clientset.AdmissionregistrationV1beta1().MutatingWebhookConfigurations()
 	_, err := client.Get(webhookConfigName, metav1.GetOptions{})
@@ -91,6 +88,15 @@ func selfRegistration(clientset *kubernetes.Clientset, caCert []byte, namespace
 			glog.Fatal(err2)
 		}
 	}
+	RegisterClientConfig := v1beta1.WebhookClientConfig{}
+	if *registerByURL == false {
+		RegisterClientConfig.Service.Name = *namespace
+		RegisterClientConfig.Service.Name = "vpa-webhook"
+		RegisterClientConfig.CABundle = caCert
+	} else {
+		RegisterClientConfig.URL = url
+		RegisterClientConfig.CABundle = caCert
+	}
 	webhookConfig := &v1beta1.MutatingWebhookConfiguration{
 		ObjectMeta: metav1.ObjectMeta{
 			Name: webhookConfigName,
@@ -115,13 +121,7 @@ func selfRegistration(clientset *kubernetes.Clientset, caCert []byte, namespace
 							Resources:   []string{"verticalpodautoscalers"},
 						},
 					}},
-				ClientConfig: v1beta1.WebhookClientConfig{
-					Service: &v1beta1.ServiceReference{
-						Namespace: *namespace,
-						Name:      "vpa-webhook",
-					},
-					CABundle: caCert,
-				},
+				ClientConfig: RegisterClientConfig,
 			},
 		},
 	}

diff --git a/vertical-pod-autoscaler/pkg/admission-controller/main.go b/vertical-pod-autoscaler/pkg/admission-controller/main.go
@@ -18,6 +18,7 @@ package main
 
 import (
 	"flag"
+	"fmt"
 	"net/http"
 	"os"
 	"time"
@@ -41,8 +42,11 @@ var (
 		tlsPrivateKey: flag.String("tls-private-key", "/etc/tls-certs/serverKey.pem", "Path to server certificate key PEM file."),
 	}
 
-	address   = flag.String("address", ":8944", "The address to expose Prometheus metrics.")
-	namespace = os.Getenv("NAMESPACE")
+	address         = flag.String("address", ":8944", "The address to expose Prometheus metrics.")
+	namespace       = os.Getenv("NAMESPACE")
+	webhookHostName = flag.String("webhookHostName", "", "path for admission controller.Blank for default")
+	serverPort      = flag.String("Server Port", "", "Server Port for Webhook")
+	registerByURL   = flag.Bool("registerByURL", false, "True, if admission webhook is to be register on specific URL")
 )
 
 func newReadyVPALister(stopChannel <-chan struct{}) vpa_lister.VerticalPodAutoscalerLister {
@@ -75,6 +79,8 @@ func main() {
 		Addr:      ":8000",
 		TLSConfig: configTLS(clientset, certs.serverCert, certs.serverKey),
 	}
-	go selfRegistration(clientset, certs.caCert, &namespace)
+	Path := webhookConfigName + ":"
+	url := fmt.Sprintf(Path + *serverPort)
+	go selfRegistration(clientset, certs.caCert, &namespace, &url, registerByURL)
 	server.ListenAndServeTLS("", "")
 }