1 package edgeinjector
2
3 import (
4 "fmt"
5 "os"
6
7 appsv1 "k8s.io/api/apps/v1"
8 corev1 "k8s.io/api/core/v1"
9 virtv1 "kubevirt.io/api/core/v1"
10 "sigs.k8s.io/controller-runtime/pkg/webhook"
11 "sigs.k8s.io/controller-runtime/pkg/webhook/admission"
12
13 dsapi "edge-infra.dev/pkg/edge/datasync/apis/v1alpha1"
14 dsv1 "edge-infra.dev/pkg/sds/devices/k8s/apis/v1"
15
16 "github.com/go-logr/logr"
17
18 "edge-infra.dev/pkg/k8s/runtime/controller"
19 "edge-infra.dev/pkg/lib/fog"
20
21 "k8s.io/apimachinery/pkg/runtime"
22 utilruntime "k8s.io/apimachinery/pkg/util/runtime"
23 clientgoscheme "k8s.io/client-go/kubernetes/scheme"
24 ctrl "sigs.k8s.io/controller-runtime"
25 )
26
27
28
29
30
31
32
33
34
35 func Run(o ...controller.Option) error {
36 log := fog.New()
37 log.WithName("EdgeInjector")
38
39 c, err := NewConfig()
40 if err != nil {
41 log.Error(err, "fail to build configuration")
42 os.Exit(1)
43 }
44
45 mgr, err := create(log, c, o...)
46 if err != nil {
47 return err
48 }
49
50 log.Info("starting webhooks")
51 if err := mgr.Start(ctrl.SetupSignalHandler()); err != nil {
52 log.Error(err, "problem running manager")
53 return err
54 }
55
56 return nil
57 }
58
59
60 func create(log logr.Logger, c *Config, o ...controller.Option) (ctrl.Manager, error) {
61 ctrl.SetLogger(log)
62
63 log.Info("setting up manager")
64
65 if c.EnableWebhook {
66 o = append(o,
67 controller.WithCertDir(c.CertDir),
68 controller.WithPort(c.Port),
69 )
70 }
71
72 mgr, err := createManager(o...)
73 if err != nil {
74 ctrl.Log.Error(err, "unable to create manager")
75 return nil, err
76 }
77
78 if c.EnableWebhook {
79 webhookServer := mgr.GetWebhookServer()
80 webhookServer.Register(Path(CouchDBSecret), &webhook.Admission{Handler: admission.WithCustomDefaulter(createScheme(), &corev1.Pod{}, &CouchUserWebhook{Client: mgr.GetClient()})})
81 webhookServer.Register(Path(NodeSecret), &webhook.Admission{Handler: admission.WithCustomDefaulter(createScheme(), &corev1.Pod{}, &NodeWebhook{Client: mgr.GetClient()})})
82 webhookServer.Register("/resourcerequest-deployment", &admission.Webhook{Handler: admission.WithCustomDefaulter(createScheme(), &appsv1.Deployment{}, &ResourceRequestWebhook{Client: mgr.GetClient()})})
83 webhookServer.Register("/resourcerequest-daemonset", &admission.Webhook{Handler: admission.WithCustomDefaulter(createScheme(), &appsv1.DaemonSet{}, &ResourceRequestWebhook{Client: mgr.GetClient()})})
84 webhookServer.Register("/resourcerequest-statefulset", &admission.Webhook{Handler: admission.WithCustomDefaulter(createScheme(), &appsv1.StatefulSet{}, &ResourceRequestWebhook{Client: mgr.GetClient()})})
85 webhookServer.Register("/resourcerequest-pods", &admission.Webhook{Handler: admission.WithCustomDefaulter(createScheme(), &corev1.Pod{}, &ResourceRequestWebhook{Client: mgr.GetClient()})})
86 webhookServer.Register("/device-class-validation-deviceclasses", &admission.Webhook{Handler: admission.WithCustomValidator(createScheme(), &dsv1.DeviceClass{}, &DeviceClassWebhook{})})
87 webhookServer.Register("/device-class-validation-devicesets", &admission.Webhook{Handler: admission.WithCustomValidator(createScheme(), &dsv1.DeviceSet{}, &DeviceClassWebhook{})})
88 }
89
90 if err := (&PodSecretReconciler{
91 Client: mgr.GetClient(),
92 Name: "podsecretreconciler",
93 RequeueTime: c.RequeueTime,
94 PollingInterval: c.PollingInterval,
95 ReconcileConcurrency: c.ReconcileConcurrency,
96 }).SetupWithManager(mgr); err != nil {
97 log.Error(err, "failed to create PodSecretReconciler and set up with manager")
98 return nil, err
99 }
100
101 return mgr, nil
102 }
103
104 func createManager(o ...controller.Option) (ctrl.Manager, error) {
105 cfg, opts := controller.ProcessOptions(o...)
106 opts.LeaderElectionID = InjectorLabel
107 opts.Scheme = createScheme()
108
109 return ctrl.NewManager(cfg, opts)
110 }
111
112 func Path(s SecretType) string {
113 return fmt.Sprintf("/mutating-create-update-pod-%s", s)
114 }
115
116 func createScheme() *runtime.Scheme {
117 scheme := runtime.NewScheme()
118 utilruntime.Must(clientgoscheme.AddToScheme(scheme))
119 utilruntime.Must(dsapi.AddToScheme(scheme))
120 utilruntime.Must(dsv1.AddToScheme(scheme))
121 utilruntime.Must(virtv1.AddToScheme(scheme))
122 return scheme
123 }
124
View as plain text