search

salesforce / generic-sidecar-injector

A generic framework for injecting sidecars and related configuration in Kubernetes using Mutating Webhook Admission Controllers
BSD 3-Clause "New" or "Revised" License
203 stars 56 forks source link

Usage documentation/Clarifications #14

Open papanito opened 4 years ago

papanito commented 4 years ago

I really like the project, however - maybe as lack of my knowledge - I am troubling to understand some things, so I seeks some clarifications:

If I want to inject a container I require

  1. a "mutating admission controllers" - is that cmd/sidecarinjector? or do I still have to create one for me?
  2. if cmd/sidecarinjector is actually the controller, how to I make my cluster aware of the controller i.e. how to install
  3. Pod annotations - are these part of the pod which is injected?

Then another questions:

  1. The helm-chart is an example of a helm-chart for the pod I want to inject?

Thanks for your help.

krmayankk commented 4 years ago

I really like the project, however - maybe as lack of my knowledge - I am troubling to understand some things, so I seeks some clarifications:

If I want to inject a container I require

  1. a "mutating admission controllers" - is that cmd/sidecarinjector? or do I still have to create one for me?

This generic sidecar injector is actually a mutating admission controller with configuration that allows you to inject any type of config, including containers, volumes, etc. So you DO NOT need to create one.

  1. if cmd/sidecarinjector is actually the controller, how to I make my cluster aware of the controller i.e. how to install

Here is a sample helm chart you can use to install it https://github.com/salesforce/generic-sidecar-injector/tree/master/helm/sidecarinjector

  1. Pod annotations - are these part of the pod which is injected?

This project injects containers not Pod. The annotations you see are part of the pod which is being created . This pod will be intercepted by this mutating webhook, the annotations of the pod being created, will be read by this generic-sidecar-injector and based on those annotations the injection will be performed.

Then another questions:

  1. The helm-chart is an example of a helm-chart for the pod I want to inject?

As mentioned above, this generic-sidecar-injector does not inject a pod, but containers and volumes. This helm chart is used to install this generic-sidecar-injector as a mutating admission controller. Additionally it has https://github.com/salesforce/generic-sidecar-injector/blob/master/helm/sidecarinjector/templates/configmap.yaml which is a list of injections this admission controller will perform, if it sees the annotations listed in this configmap at the bottom of it.

Please also go through the https://engineering.salesforce.com/a-generic-sidecar-injector-for-kubernetes-c05eede1f6bb and let me know how can i help. i can also be reached on kubernetes slack

Thanks for your help.

krmayankk commented 4 years ago

@papanito ^^

dansanabria commented 4 years ago

@krmayankk when trying to install the sample chart to an specific namespace I get the following:`

`Error: unable to build kubernetes objects from release manifest: error validating "": error validating data: [ValidationError(MutatingWebhookConfiguration.webhooks[0].namespaceSelector.matchExpressions[0].values): unknown object type "nil" in MutatingWebhookConfiguration.webhooks[0].namespaceSelector.matchExpressions[0].values[0], ValidationError(MutatingWebhookConfiguration.webhooks[0].namespaceSelector.matchExpressions[1].values): unknown object type "nil" in MutatingWebhookConfiguration.webhooks[0].namespaceSelector.matchExpressions[1].values[0]]
helm.go:84: [debug] error validating "": error validating data: [ValidationError(MutatingWebhookConfiguration.webhooks[0].namespaceSelector.matchExpressions[0].values): unknown object type "nil" in MutatingWebhookConfiguration.webhooks[0].namespaceSelector.matchExpressions[0].values[0], ValidationError(MutatingWebhookConfiguration.webhooks[0].namespaceSelector.matchExpressions[1].values): unknown object type "nil" in MutatingWebhookConfiguration.webhooks[0].namespaceSelector.matchExpressions[1].values[0]]
helm.sh/helm/v3/pkg/kube.scrubValidationError

What am I missing to get a successful install ?

Thanks in advance

talonx commented 4 years ago

What am I missing to get a successful install ?

You need to add the namespace variable in the values.yaml.

krmayankk commented 4 years ago

@talonx were you able to get it working ? any suggestions for improving the readme/documentation @dansanabria are you still stuck ?

talonx commented 4 years ago

@krmayankk I actually opted for a different (non-sidecar) approach which suits my use case better - thanks for responding.