Kubernetes-Operator篇-02-脚手架熟悉

1、脚手架工具

Operator的实现方式主要包括OperatorSDK和KubeBuilder,目前KubeBuilder在阿里使用的比较多。
KubeBuilder

OperatorSDK

我们这里主要是用KubeBuilder来进行,其中OperatorSDK其实也是应用了KubeBuilder。

2、创建Operator工程

创建脚手架工程:

shell 复制代码
mkdir myapp-operator
cd myapp-operator/
go env -w GO111MODULE=on
go env -w GOPROXY=https://goproxy.cn,direct
kubebuilder init --domain kubenode.kingtest.com

创建脚手架结果:

shell 复制代码
kubebuilder init --domain kubenode.kingtest.com
INFO Writing kustomize manifests for you to edit... 
INFO Writing scaffold for you to edit...          
INFO Get controller runtime:
$ go get sigs.k8s.io/controller-runtime@v0.19.0 
go: downloading sigs.k8s.io/controller-runtime v0.19.0
go: downloading k8s.io/apimachinery v0.31.0
go: downloading k8s.io/api v0.31.0
go: downloading k8s.io/client-go v0.31.0
go: downloading k8s.io/utils v0.0.0-20240711033017-18e509b52bc8
go: downloading github.com/go-logr/logr v1.4.2
go: downloading k8s.io/klog/v2 v2.130.1
go: downloading golang.org/x/exp v0.0.0-20230515195305-f3d0a9c9a5cc
go: downloading github.com/evanphx/json-patch/v5 v5.9.0
go: downloading github.com/prometheus/client_golang v1.19.1
go: downloading gomodules.xyz/jsonpatch/v2 v2.4.0
go: downloading github.com/gogo/protobuf v1.3.2
go: downloading github.com/google/gofuzz v1.2.0
go: downloading sigs.k8s.io/structured-merge-diff/v4 v4.4.1
go: downloading k8s.io/apiextensions-apiserver v0.31.0
go: downloading sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd
go: downloading k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340
go: downloading github.com/google/uuid v1.6.0
go: downloading github.com/prometheus/client_model v0.6.1
go: downloading github.com/prometheus/common v0.55.0
go: downloading github.com/fsnotify/fsnotify v1.7.0
go: downloading golang.org/x/net v0.26.0
go: downloading gopkg.in/inf.v0 v0.9.1
go: downloading github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da
go: downloading github.com/imdario/mergo v0.3.6
go: downloading github.com/spf13/pflag v1.0.5
go: downloading golang.org/x/term v0.21.0
go: downloading github.com/golang/protobuf v1.5.4
go: downloading github.com/google/gnostic-models v0.6.8
go: downloading golang.org/x/time v0.3.0
go: downloading sigs.k8s.io/yaml v1.4.0
go: downloading github.com/beorn7/perks v1.0.1
go: downloading github.com/cespare/xxhash/v2 v2.3.0
go: downloading github.com/prometheus/procfs v0.15.1
go: downloading golang.org/x/sys v0.21.0
go: downloading google.golang.org/protobuf v1.34.2
go: downloading golang.org/x/oauth2 v0.21.0
go: downloading github.com/json-iterator/go v1.1.12
go: downloading gopkg.in/yaml.v2 v2.4.0
go: downloading github.com/fxamacker/cbor/v2 v2.7.0
go: downloading github.com/google/go-cmp v0.6.0
go: downloading gopkg.in/yaml.v3 v3.0.1
go: downloading github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc
go: downloading github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822
go: downloading github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd
go: downloading github.com/modern-go/reflect2 v1.0.2
go: downloading github.com/go-openapi/jsonreference v0.20.2
go: downloading github.com/go-openapi/swag v0.22.4
go: downloading golang.org/x/text v0.16.0
go: downloading github.com/go-openapi/jsonpointer v0.19.6
go: downloading github.com/emicklei/go-restful/v3 v3.11.0
go: downloading github.com/mailru/easyjson v0.7.7
go: downloading github.com/josharian/intern v1.0.0
go: downloading github.com/x448/float16 v0.8.4
go: downloading github.com/pkg/errors v0.9.1
INFO Update dependencies:
$ go mod tidy           
go: downloading github.com/onsi/ginkgo/v2 v2.19.0
go: downloading github.com/stretchr/testify v1.9.0
go: downloading github.com/onsi/gomega v1.33.1
go: downloading github.com/go-logr/zapr v1.3.0
go: downloading go.uber.org/zap v1.26.0
go: downloading k8s.io/apiserver v0.31.0
go: downloading go.uber.org/goleak v1.3.0
go: downloading github.com/evanphx/json-patch v0.5.2
go: downloading gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c
go: downloading gopkg.in/evanphx/json-patch.v4 v4.12.0
go: downloading github.com/kr/pretty v0.3.1
go: downloading go.uber.org/multierr v1.11.0
go: downloading github.com/go-task/slim-sprig/v3 v3.0.0
go: downloading golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d
go: downloading github.com/google/pprof v0.0.0-20240525223248-4bfdf5a9a2af
go: downloading github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2
go: downloading github.com/rogpeppe/go-internal v1.12.0
go: downloading github.com/kr/text v0.2.0
go: downloading k8s.io/component-base v0.31.0
go: downloading go.opentelemetry.io/otel v1.28.0
go: downloading go.opentelemetry.io/otel/trace v1.28.0
go: downloading google.golang.org/grpc v1.65.0
go: downloading sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.30.3
go: downloading golang.org/x/sync v0.7.0
go: downloading github.com/google/cel-go v0.20.1
go: downloading github.com/blang/semver/v4 v4.0.0
go: downloading go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.53.0
go: downloading go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.27.0
go: downloading go.opentelemetry.io/otel/sdk v1.28.0
go: downloading google.golang.org/genproto/googleapis/api v0.0.0-20240528184218-531527333157
go: downloading github.com/felixge/httpsnoop v1.0.4
go: downloading go.opentelemetry.io/otel/metric v1.28.0
go: downloading github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a
go: downloading github.com/go-logr/stdr v1.2.2
go: downloading google.golang.org/genproto/googleapis/rpc v0.0.0-20240701130421-f6361c86f094
go: downloading github.com/antlr4-go/antlr/v4 v4.13.0
go: downloading google.golang.org/genproto v0.0.0-20230822172742-b8732ec3820d
go: downloading github.com/spf13/cobra v1.8.1
go: downloading github.com/stoewer/go-strcase v1.2.0
go: downloading github.com/inconshreveable/mousetrap v1.1.0
go: downloading go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.28.0
go: downloading github.com/cenkalti/backoff/v4 v4.3.0
go: downloading go.opentelemetry.io/proto/otlp v1.3.1
go: downloading github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0
go: downloading github.com/grpc-ecosystem/grpc-gateway v1.16.0
Next: define a resource with:
$ kubebuilder create api

本步骤创建了 Go module 工程的模板文件,引入了必要的依赖。

这里先设置了go的代理,不然会无法下载依赖。

第一次新建工程时,会下载一些依赖(go: downloading 。。。)

查看此时的项目结构:

shell 复制代码
.
├── cmd
│   └── main.go
├── config
│   ├── default
│   │   ├── kustomization.yaml
│   │   ├── manager_metrics_patch.yaml
│   │   └── metrics_service.yaml
│   ├── manager
│   │   ├── kustomization.yaml
│   │   └── manager.yaml
│   ├── network-policy
│   │   ├── allow-metrics-traffic.yaml
│   │   └── kustomization.yaml
│   ├── prometheus
│   │   ├── kustomization.yaml
│   │   └── monitor.yaml
│   └── rbac
│       ├── kustomization.yaml
│       ├── leader_election_role_binding.yaml
│       ├── leader_election_role.yaml
│       ├── metrics_auth_role_binding.yaml
│       ├── metrics_auth_role.yaml
│       ├── metrics_reader_role.yaml
│       ├── role_binding.yaml
│       ├── role.yaml
│       └── service_account.yaml
├── Dockerfile
├── go.mod
├── go.sum
├── hack
│   └── boilerplate.go.txt
├── Makefile
├── PROJECT
├── README.md
└── test
    ├── e2e
    │   ├── e2e_suite_test.go
    │   └── e2e_test.go
    └── utils
        └── utils.go

12 directories, 29 files

创建API,生成CRD和Controller:

shell 复制代码
kubebuilder create api --group apps --version v1 --kind Myapp

参数含义:

  • group参数表示组的概念
  • version定义版本
  • kind定义自定义资源类型
  • 以上参数组成 自定义yaml 的 apiVersion和kind
  • 执行kubebuilder create api时直接带上--namespaced=false可以将该对象设计为集群级别(类似node、pv)

创建API结果:

shell 复制代码
kubebuilder create api --group apps --version v1 --kind Myapp
INFO Create Resource [y/n]                        
y
INFO Create Controller [y/n]                      
y
INFO Writing kustomize manifests for you to edit... 
INFO Writing scaffold for you to edit...          
INFO api/v1/myapp_types.go                        
INFO api/v1/groupversion_info.go                  
INFO internal/controller/suite_test.go            
INFO internal/controller/myapp_controller.go      
INFO internal/controller/myapp_controller_test.go 
INFO Update dependencies:
$ go mod tidy           
INFO Running make:
$ make generate                
mkdir -p /home/king/workspace/king-devops/operator/myapp-operator/bin
Downloading sigs.k8s.io/controller-tools/cmd/controller-gen@v0.16.1
go: downloading sigs.k8s.io/controller-tools v0.16.1
go: downloading github.com/fatih/color v1.17.0
go: downloading golang.org/x/tools v0.24.0
go: downloading github.com/gobuffalo/flect v1.0.2
go: downloading golang.org/x/net v0.28.0
go: downloading github.com/mattn/go-isatty v0.0.20
go: downloading github.com/mattn/go-colorable v0.1.13
go: downloading golang.org/x/sys v0.23.0
go: downloading golang.org/x/sync v0.8.0
go: downloading golang.org/x/mod v0.20.0
go: downloading golang.org/x/text v0.17.0
/home/king/workspace/king-devops/operator/myapp-operator/bin/controller-gen object:headerFile="hack/boilerplate.go.txt" paths="./..."
Next: implement your new API and generate the manifests (e.g. CRDs,CRs) with:
$ make manifests

此时的目录结构:

shell 复制代码
.
├── api
│   └── v1
│       ├── groupversion_info.go
│       ├── myapp_types.go
│       └── zz_generated.deepcopy.go
├── bin
│   ├── controller-gen -> /home/king/workspace/king-devops/operator/myapp-operator/bin/controller-gen-v0.16.1
│   └── controller-gen-v0.16.1
├── cmd
│   └── main.go
├── config
│   ├── crd
│   │   ├── kustomization.yaml
│   │   └── kustomizeconfig.yaml
│   ├── default
│   │   ├── kustomization.yaml
│   │   ├── manager_metrics_patch.yaml
│   │   └── metrics_service.yaml
│   ├── manager
│   │   ├── kustomization.yaml
│   │   └── manager.yaml
│   ├── network-policy
│   │   ├── allow-metrics-traffic.yaml
│   │   └── kustomization.yaml
│   ├── prometheus
│   │   ├── kustomization.yaml
│   │   └── monitor.yaml
│   ├── rbac
│   │   ├── kustomization.yaml
│   │   ├── leader_election_role_binding.yaml
│   │   ├── leader_election_role.yaml
│   │   ├── metrics_auth_role_binding.yaml
│   │   ├── metrics_auth_role.yaml
│   │   ├── metrics_reader_role.yaml
│   │   ├── myapp_editor_role.yaml
│   │   ├── myapp_viewer_role.yaml
│   │   ├── role_binding.yaml
│   │   ├── role.yaml
│   │   └── service_account.yaml
│   └── samples
│       ├── apps_v1_myapp.yaml
│       └── kustomization.yaml
├── Dockerfile
├── go.mod
├── go.sum
├── hack
│   └── boilerplate.go.txt
├── internal
│   └── controller
│       ├── myapp_controller.go
│       ├── myapp_controller_test.go
│       └── suite_test.go
├── Makefile
├── PROJECT
├── README.md
└── test
    ├── e2e
    │   ├── e2e_suite_test.go
    │   └── e2e_test.go
    └── utils
        └── utils.go

19 directories, 43 files

如果需要在Nginx CRUD 时进行合法性检查, 可以生成webhook:

shell 复制代码
kubebuilder create webhook --group apps --version v1 --kind Myapp --conversion --defaulting --programmatic-validation

参数含义:

  • group参数表示组的概念
  • version定义版本
  • kind定义自定义资源类型
  • 以上参数组成 自定义yaml 的 apiVersion和kind
  • defaulting:默认值设置(Defaulting) 的目的是在CRD对象创建或更新时,如果某些字段没有被显式设置值,自动为其填充一个合理的默认值。这对于确保资源实例有一套统一的、预先定义的配置非常有用,可以减少用户的配置负担,并保证资源的一致性。例如,如果你定义了一个监控应用的CRD,可能希望默认开启日志记录功能,除非用户明确关闭它。
  • programmatic-validation:程序化验证(Programmatic Validation) 则是在CRD对象创建或更新前,对提交的数据进行逻辑验证的机制。与CRD schema提供的静态验证相比,程序化验证可以实现更加复杂的业务逻辑验证。这意味着你可以在webhook服务中编写代码来检查CRD实例的数据是否满足特定的业务规则或约束条件。例如,你可以验证一个资源请求的内存配额是否超过了集群的最大允许值,或者确保引用的其他资源确实存在。
  • conversion:自动数据迁移:conversion webhook可以在后台自动将CRD的一个版本转换为另一个版本,无需人工干预,从而简化了版本升级过程。
    • 兼容性保障:即使API发生变化,也能确保旧客户端和新客户端都能够正常工作,提高了系统的向后和向前兼容性。
    • 复杂逻辑处理:对于简单的字段添加或删除,Kubernetes的自动转换器可能足够用。但涉及到复杂的数据结构调整或逻辑变换时,就需要自定义conversion webhook来精确控制转换过程。

执行结果:

shell 复制代码
kubebuilder create webhook --group apps --version v1 --kind Myapp --conversion --defaulting --programmatic-validation
INFO Writing kustomize manifests for you to edit... 
INFO Writing scaffold for you to edit...          
INFO api/v1/myapp_webhook.go                      
INFO api/v1/myapp_webhook_test.go                 
INFO Webhook server has been set up for you.
You need to implement the conversion.Hub and conversion.Convertible interfaces for your CRD types. 
INFO api/v1/webhook_suite_test.go                 
INFO Update dependencies:
$ go mod tidy           
INFO Running make:
$ make generate                
/home/king/workspace/king-devops/operator/myapp-operator/bin/controller-gen object:headerFile="hack/boilerplate.go.txt" paths="./..."
Next: implement your new Webhook and generate the manifests with:
$ make manifests

此时目录结构:

shell 复制代码
.
├── api
│   └── v1
│       ├── groupversion_info.go
│       ├── myapp_types.go
│       ├── myapp_webhook.go
│       ├── myapp_webhook_test.go
│       ├── webhook_suite_test.go
│       └── zz_generated.deepcopy.go
├── bin
│   ├── controller-gen -> /home/king/workspace/king-devops/operator/myapp-operator/bin/controller-gen-v0.16.1
│   └── controller-gen-v0.16.1
├── cmd
│   └── main.go
├── config
│   ├── certmanager
│   │   ├── certificate.yaml
│   │   ├── kustomization.yaml
│   │   └── kustomizeconfig.yaml
│   ├── crd
│   │   ├── kustomization.yaml
│   │   ├── kustomizeconfig.yaml
│   │   └── patches
│   │       ├── cainjection_in_myapps.yaml
│   │       └── webhook_in_myapps.yaml
│   ├── default
│   │   ├── kustomization.yaml
│   │   ├── manager_metrics_patch.yaml
│   │   ├── manager_webhook_patch.yaml
│   │   ├── metrics_service.yaml
│   │   └── webhookcainjection_patch.yaml
│   ├── manager
│   │   ├── kustomization.yaml
│   │   └── manager.yaml
│   ├── network-policy
│   │   ├── allow-metrics-traffic.yaml
│   │   ├── allow-webhook-traffic.yaml
│   │   └── kustomization.yaml
│   ├── prometheus
│   │   ├── kustomization.yaml
│   │   └── monitor.yaml
│   ├── rbac
│   │   ├── kustomization.yaml
│   │   ├── leader_election_role_binding.yaml
│   │   ├── leader_election_role.yaml
│   │   ├── metrics_auth_role_binding.yaml
│   │   ├── metrics_auth_role.yaml
│   │   ├── metrics_reader_role.yaml
│   │   ├── myapp_editor_role.yaml
│   │   ├── myapp_viewer_role.yaml
│   │   ├── role_binding.yaml
│   │   ├── role.yaml
│   │   └── service_account.yaml
│   ├── samples
│   │   ├── apps_v1_myapp.yaml
│   │   └── kustomization.yaml
│   └── webhook
│       ├── kustomization.yaml
│       ├── kustomizeconfig.yaml
│       └── service.yaml
├── Dockerfile
├── go.mod
├── go.sum
├── hack
│   └── boilerplate.go.txt
├── internal
│   └── controller
│       ├── myapp_controller.go
│       ├── myapp_controller_test.go
│       └── suite_test.go
├── Makefile
├── PROJECT
├── README.md
└── test
    ├── e2e
    │   ├── e2e_suite_test.go
    │   └── e2e_test.go
    └── utils
        └── utils.go

22 directories, 57 files

最终的工程结构:

shell 复制代码
.
├── api
│   └── v1
│       ├── groupversion_info.go
│       ├── myapp_types.go
│       ├── myapp_webhook.go
│       ├── myapp_webhook_test.go
│       ├── webhook_suite_test.go
│       └── zz_generated.deepcopy.go
├── bin
│   ├── controller-gen -> /home/king/workspace/king-devops/operator/myapp-operator/bin/controller-gen-v0.16.1
│   └── controller-gen-v0.16.1
├── cmd
│   └── main.go
├── config
│   ├── certmanager
│   │   ├── certificate.yaml
│   │   ├── kustomization.yaml
│   │   └── kustomizeconfig.yaml
│   ├── crd
│   │   ├── kustomization.yaml
│   │   ├── kustomizeconfig.yaml
│   │   └── patches
│   │       ├── cainjection_in_myapps.yaml
│   │       └── webhook_in_myapps.yaml
│   ├── default
│   │   ├── kustomization.yaml
│   │   ├── manager_metrics_patch.yaml
│   │   ├── manager_webhook_patch.yaml
│   │   ├── metrics_service.yaml
│   │   └── webhookcainjection_patch.yaml
│   ├── manager
│   │   ├── kustomization.yaml
│   │   └── manager.yaml
│   ├── network-policy
│   │   ├── allow-metrics-traffic.yaml
│   │   ├── allow-webhook-traffic.yaml
│   │   └── kustomization.yaml
│   ├── prometheus
│   │   ├── kustomization.yaml
│   │   └── monitor.yaml
│   ├── rbac
│   │   ├── kustomization.yaml
│   │   ├── leader_election_role_binding.yaml
│   │   ├── leader_election_role.yaml
│   │   ├── metrics_auth_role_binding.yaml
│   │   ├── metrics_auth_role.yaml
│   │   ├── metrics_reader_role.yaml
│   │   ├── myapp_editor_role.yaml
│   │   ├── myapp_viewer_role.yaml
│   │   ├── role_binding.yaml
│   │   ├── role.yaml
│   │   └── service_account.yaml
│   ├── samples
│   │   ├── apps_v1_myapp.yaml
│   │   └── kustomization.yaml
│   └── webhook
│       ├── kustomization.yaml
│       ├── kustomizeconfig.yaml
│       └── service.yaml
├── Dockerfile
├── go.mod
├── go.sum
├── hack
│   └── boilerplate.go.txt
├── internal
│   └── controller
│       ├── myapp_controller.go
│       ├── myapp_controller_test.go
│       └── suite_test.go
├── Makefile
├── PROJECT
├── README.md
└── test
    ├── e2e
    │   ├── e2e_suite_test.go
    │   └── e2e_test.go
    └── utils
        └── utils.go

22 directories, 57 files

关键目录及其内容的概述:

  • Dockerfile: 定义了用于构建Operator容器镜像的Docker配置文件。
  • Makefile: 包含了一系列预定义的Make任务,用于构建、测试、运行和部署Operator。
  • PROJECT: 存储项目元数据的文件,Kubebuilder使用它来跟踪项目的状态和配置。
  • README.md: 项目的主要说明文档,通常包含项目简介、安装指南、开发流程等信息。
  • api/v1 : 定义了自定义资源定义(CRD)的目录,其中包含了资源的Go类型定义及DeepCopy生成文件。
    • myapp_types.go: 资源类型的定义(myapp_types.go)
    • myapp_webhook.go: webhook逻辑
    • zz_generated.deepcopy.go: 深拷贝生成代码
    • groupversion_info.go: 定义了API组和版本信息。
  • bin : 存放项目依赖的可执行文件,如controller-gen,用于CRD代码生成。
  • cmd/main.go: Operator的入口点,负责初始化和运行控制器。
  • config : 配置目录,包含用于Kubernetes资源部署的各种Kustomize配置。
    • crd/: 用于CRD资源的Kustomize配置。
    • default/: 应用默认的RBAC、服务等配置。
    • manager/: Operator Manager的部署配置。
    • network-policy/, prometheus/, rbac/, samples/: 分别包含网络策略、Prometheus监控配置、RBAC规则和示例资源的配置。
  • go.mod , go.sum: Go模块管理文件,记录项目依赖。
  • hack/boilerplate.go.txt: 用于代码生成的模板文件,保持版权头部一致性。
  • internal/controller : Operator控制器的核心逻辑所在,包含监控资源(Myapp)的控制器实现。
  • test : 测试相关目录。
    • e2e/: 端到端测试代码,验证整个Operator在Kubernetes集群上的行为。
    • utils/: 测试辅助工具和函数。

3、编写代码

下面主要以Deployment为例,核心逻辑是把自定义CR(Myapp)当做终态,把Deployment当做运行态,通过比对属性的不一致,编写相关的Reconcile逻辑。

一张图解释各种资源和 Controller 的关系:

3.1 定义 CRD

在api/v1/myapp_type.go中定义 Spec 和 Status

go 复制代码
// MyappSpec defines the desired state of Myapp
type MyappSpec struct {
	// INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
	// Important: Run "make" to regenerate code after modifying this file

	// Foo is an example field of Myapp. Edit myapp_types.go to remove/update
	Foo                   string `json:"foo,omitempty"`
	appsv1.DeploymentSpec `json:",inline"`
}

// MyappStatus defines the observed state of Myapp
type MyappStatus struct {
	// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
	// Important: Run "make" to regenerate code after modifying this file
	appsv1.DeploymentSpec `json:",inline"`
}

// +kubebuilder:object:root=true
// +kubebuilder:subresource:status

// Myapp is the Schema for the myapps API
type Myapp struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   MyappSpec   `json:"spec,omitempty"`
	Status MyappStatus `json:"status,omitempty"`
}

注意+kubebuilder并非普通注释,不能随意删除。

3.2 编写Reconcile逻辑

在internal/controller/myapp_controller.go中实现 Reconcile 逻辑

go 复制代码
func (r *MyappReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
	logger := log.FromContext(ctx)

	// TODO(user): your logic here
	logger.Info("start Reconcile" + req.Name)

	return ctrl.Result{}, nil
}

3.3 修改Webhook

在api/v1/myapp_webhook.go中根据需要进行修改

go 复制代码
func (r *Myapp) ValidateCreate() error 
func (r *Myapp) ValidateUpdate(old runtime.Object) error
func (r *Myapp) Default()

3.4 修改main入口

以前的老版本kubebuilder生成的项目,需要在cmd/main.go添加监听的namespace

但是新版本没有这个信息,以下是示例:

go 复制代码
mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), ctrl.Options{
		Scheme:                 scheme,
		Metrics:                metricsServerOptions,
		WebhookServer:          webhookServer,
		HealthProbeBindAddress: probeAddr,
		LeaderElection:         enableLeaderElection,
		LeaderElectionID:       "6a511ed4.kubenode.kingtest.com",
		// LeaderElectionReleaseOnCancel defines if the leader should step down voluntarily
		// when the Manager ends. This requires the binary to immediately end when the
		// Manager is stopped, otherwise, this setting is unsafe. Setting this significantly
		// speeds up voluntary leader transitions as the new leader don't have to wait
		// LeaseDuration time first.
		//
		// In the default scaffold provided, the program ends immediately after
		// the manager stops, so would be fine to enable this option. However,
		// if you are doing or is intended to do any operation such as perform cleanups
		// after the manager stops then its usage might be unsafe.
		// LeaderElectionReleaseOnCancel: true,
	})

如果想监听固定的namespace信息,可以在Reconcile内实现。

相关推荐
能不能别报错8 小时前
K8s学习笔记(十六) 探针(Probe)
笔记·学习·kubernetes
能不能别报错10 小时前
K8s学习笔记(十四) DaemonSet
笔记·学习·kubernetes
火星MARK11 小时前
k8s面试题
容器·面试·kubernetes
Serverless社区12 小时前
阿里云函数计算 AgentRun 全新发布,构筑智能体时代的基础设施
阿里云·云原生·serverless·函数计算
赵渝强老师13 小时前
【赵渝强老师】Docker容器的资源管理机制
linux·docker·容器·kubernetes
能不能别报错14 小时前
K8s学习笔记(十五) pause容器与init容器
笔记·学习·kubernetes
稚辉君.MCA_P8_Java14 小时前
kafka解决了什么问题?mmap 和sendfile
java·spring boot·分布式·kafka·kubernetes
乄bluefox14 小时前
保姆级docker部署nacos集群
java·docker·容器
每天进步一点_JL15 小时前
Docker 是什么?
后端·docker·容器
一叶飘零_sweeeet15 小时前
从 0 到 1 掌控云原生部署:Java 项目的 Docker 容器化与 K8s 集群实战指南
docker·云原生·kubernetes·项目部署