Inject nethost by default in entangled pods

Ettore Di Giacinto 2022-12-05 16:09:07 +01:00
parent b25f31d789
commit b4a78705dd


@ -35,6 +35,7 @@ var (
EntanglementNameLabel = "entanglement.kairos.io/name" EntanglementNameLabel = "entanglement.kairos.io/name"
EntanglementServiceLabel = "entanglement.kairos.io/service" EntanglementServiceLabel = "entanglement.kairos.io/service"
EntanglementDirectionLabel = "entanglement.kairos.io/direction" EntanglementDirectionLabel = "entanglement.kairos.io/direction"
EntanglementNetHost = "entanglement.kairos.io/nethost"
EntanglementPortLabel = "entanglement.kairos.io/target_port" EntanglementPortLabel = "entanglement.kairos.io/target_port"
EntanglementHostLabel = "entanglement.kairos.io/host" EntanglementHostLabel = "entanglement.kairos.io/host"
EnvPrefix = "entanglement.kairos.io/env." EnvPrefix = "entanglement.kairos.io/env."
@ -54,7 +55,6 @@ func (w *Webhook) SetupWebhookWithManager(mgr manager.Manager) error {
} }
func (w *Webhook) Mutate(ctx context.Context, request admission.Request, object runtime.Object) admission.Response { func (w *Webhook) Mutate(ctx context.Context, request admission.Request, object runtime.Object) admission.Response {
_ = log.FromContext(ctx) _ = log.FromContext(ctx)
pod := object.(*corev1.Pod) pod := object.(*corev1.Pod)
@ -115,6 +115,15 @@ func (w *Webhook) Mutate(ctx context.Context, request admission.Request, object
} }
podCopy := pod.DeepCopy() podCopy := pod.DeepCopy()
hostNetwork, exists := info[EntanglementNetHost]
// By default it injects hostnetwork, however if set to false it does enforces it to false
if exists && hostNetwork == "false" {
podCopy.Spec.HostNetwork = false
} else {
podCopy.Spec.HostNetwork = true
}
secret, err := w.clientSet.CoreV1().Secrets(request.Namespace).Get(context.Background(), entanglementName, v1.GetOptions{}) secret, err := w.clientSet.CoreV1().Secrets(request.Namespace).Get(context.Background(), entanglementName, v1.GetOptions{})
if err != nil || secret == nil { if err != nil || secret == nil {
return admission.Denied("entanglement secret not found: " + entanglementName + err.Error()) return admission.Denied("entanglement secret not found: " + entanglementName + err.Error())
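Review bot: The new `else` branch in Mutate sets `podCopy.Spec.HostNetwork = true` for every value of `entanglement.kairos.io/nethost` other than the exact string `"false"`, so a typo such as `"False"` or `"0"` silently places the pod in the node's network namespace. Host networking lets the pod reach node-local listeners and bind node ports, and namespaces that enforce the baseline Pod Security Standard will likely reject the mutated pod, so the opt-out should fail closed: accept only `"true"` and `"false"` and deny admission on anything else, as sketched below. The comment above the check should also state that the webhook overwrites whatever `hostNetwork` value the pod author set. Mutate starts and ends outside this hunk and `info` is populated in lines not shown, so this assumes it holds the pod's string-valued labels.

```go
podCopy := pod.DeepCopy()
// Host networking is on by default for entangled pods and replaces the value
// from the submitted spec; only an explicit "false" turns it off, and any
// unrecognised value is rejected instead of falling through to the default.
switch hostNetwork, exists := info[EntanglementNetHost]; {
case !exists, hostNetwork == "true":
	podCopy.Spec.HostNetwork = true
case hostNetwork == "false":
	podCopy.Spec.HostNetwork = false
default:
	return admission.Denied("invalid value for " + EntanglementNetHost + ": " + hostNetwork)
}
// … unchanged: entanglement secret lookup …
```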