-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enable setting custom objectSelector for webhook #2407
Conversation
Hi @Shreya027. Thanks for your PR. I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Codecov Report
@@ Coverage Diff @@
## main #2407 +/- ##
=======================================
Coverage 53.35% 53.35%
=======================================
Files 140 140
Lines 7962 7962
=======================================
Hits 4248 4248
Misses 3397 3397
Partials 317 317 Continue to review full report at Codecov.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Need to update the README.md as well documenting objectSelector
@@ -232,3 +232,13 @@ backendSecurityGroup: | |||
|
|||
# disableRestrictedSecurityGroupRules specifies whether to disable creating port-range restricted security group rules for traffic | |||
disableRestrictedSecurityGroupRules: | |||
|
|||
#objectSelector for webhook |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: space after #
#objectSelector for webhook | ||
objectSelector: | ||
matchExpressions: | ||
#- key: <key> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: space after #
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
add proper indentation
@kishorj Hi have added section in README for the change. I'm guessing doc will be updated separately. |
@@ -214,3 +214,5 @@ The default values set by the application itself can be confirmed [here](https:/ | |||
| `enableBackendSecurityGroup` | If enabled, controller uses shared security group for backend traffic | `true` | | |||
| `backendSecurityGroup` | Backend security group to use instead of auto created one if the feature is enabled | `` | | |||
| `disableRestrictedSecurityGroupRules` | If disabled, controller will not specify port range restriction in the backend security group rules | `false` | | |||
| `objectSelector.matchExpressions` | Webhook configuration to select specific pods by specifying the expression to be matched | `app.kubernetes.io/name NotIn {{ include "aws-load-balancer-controller.name" . }}` | |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The default should be None in this case. The load balancer controller name is currently hardcoded in the template and not configurable.
@@ -214,3 +214,5 @@ The default values set by the application itself can be confirmed [here](https:/ | |||
| `enableBackendSecurityGroup` | If enabled, controller uses shared security group for backend traffic | `true` | | |||
| `backendSecurityGroup` | Backend security group to use instead of auto created one if the feature is enabled | `` | | |||
| `disableRestrictedSecurityGroupRules` | If disabled, controller will not specify port range restriction in the backend security group rules | `false` | | |||
| `objectSelector.matchExpressions` | Webhook configuration to select specific pods by specifying the expression to be matched | `app.kubernetes.io/name NotIn {{ include "aws-load-balancer-controller.name" . }}` | |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
| `objectSelector.matchExpressions` | Webhook configuration to select specific pods by specifying the expression to be matched | `app.kubernetes.io/name NotIn {{ include "aws-load-balancer-controller.name" . }}` | | |
| `objectSelector.matchExpressions` | Webhook configuration to select specific pods by specifying the expression to be matched | None | |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: kishorj, Shreya027 The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/ok-to-test |
/retest |
1 similar comment
/retest |
/lgtm |
* Enable setting custom objectSelector for webhook kubernetes-sigs#650 * Add formatting changes * Add webhook changes to README * Read update suggestion * Update READ table header to original
Issue
#2363
Description
Currently when we install the aws load balancer controller via Helm chart, the objectSelector for Pod Readiness Gate is hard coded without any option to extend it. I have added code to allow custom additions using a template format in webhook.yaml with additional custom values fetched from values.yaml
Checklist
README.md
, or thedocs
directory)BONUS POINTS checklist: complete for good vibes and maybe prizes?! 🤯
I have Tested 4 sample scenarios:
Test Scenario 1:
One entry added for matchLabels besides matchExpressions default entry.
webhook config snippet:
Sample deployment 2048-pods.yaml snippet
Corresponding output with no readiness gates configured:
Sample deployment 2048-pods-labels.yaml snippet
Corresponding output with readiness gates configured:
Test Scenario 2:
One entry added for matchLabels and additional entry added to matchExpressions besides default entry.
webhook config snippet :
Test Scenario 3:
No entry added for matchLabels and additional entry added to matchExpressions besides default entry.
webhook config snippet:
Test Scenario 4:
No addition entry added to matchLabels or matchExpressions besides matchExpressions default entry.
webhook config snippet
I was able to observe the correct behaviour for all the 4 scenarios listed