plumb the proxyTransport to the webhook admission plugin;

set the ServerName in the config for webhook admission plugin.

pkg/kubeapiserver/admission/initializer.go

@@ -17,6 +17,7 @@ limitations under the License.
 package admission
 
 import (
+	"net/http"
 	"net/url"
 
 	"k8s.io/apimachinery/pkg/api/meta"
@@ -88,6 +89,12 @@ type ServiceResolver interface {
 	ResolveEndpoint(namespace, name string) (*url.URL, error)
 }
 
+// WantsProxyTransport defines a fuction that accepts a proxy transport for admission
+// plugins that need to make calls to pods.
+type WantsProxyTransport interface {
+	SetProxyTransport(proxyTransport *http.Transport)
+}
+
 type PluginInitializer struct {
 	internalClient  internalclientset.Interface
 	externalClient  clientset.Interface
@@ -99,8 +106,9 @@ type PluginInitializer struct {
 	serviceResolver ServiceResolver
 
 	// for proving we are apiserver in call-outs
-	clientCert []byte
-	clientKey  []byte
+	clientCert     []byte
+	clientKey      []byte
+	proxyTransport *http.Transport
 }
 
 var _ admission.PluginInitializer = &PluginInitializer{}
@@ -142,6 +150,12 @@ func (i *PluginInitializer) SetClientCert(cert, key []byte) *PluginInitializer {
 	return i
 }
 
+// SetProxyTransport sets the proxyTransport which is needed by some plugins.
+func (i *PluginInitializer) SetProxyTransport(proxyTransport *http.Transport) *PluginInitializer {
+	i.proxyTransport = proxyTransport
+	return i
+}
+
 // Initialize checks the initialization interfaces implemented by each plugin
 // and provide the appropriate initialization data
 func (i *PluginInitializer) Initialize(plugin admission.Interface) {
@@ -186,4 +200,8 @@ func (i *PluginInitializer) Initialize(plugin admission.Interface) {
 		}
 		wants.SetClientCert(i.clientCert, i.clientKey)
 	}
+
+	if wants, ok := plugin.(WantsProxyTransport); ok {
+		wants.SetProxyTransport(i.proxyTransport)
+	}
 }