Creating and Debugging Kubernetes Admission Webhooks - Maninderjit Bindra, Microsoft
Рет қаралды 4,638
![CNCF [Cloud Native Computing Foundation]](http://yt3.ggpht.com/txe66EjpkDQQlx_4jDV0yA0PPsww0rqQrFhMpDqagLWN2-EUBBO65IuIyy5tEFVmpI4_RRduzXc=s48-c-k-c0x00ffffff-no-rj)
4 жыл бұрынDon't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects - Learn more at kubecon.io
Creating and Debugging Kubernetes Admission Webhooks - Maninderjit Bindra, Microsoft
This talk will focus on Kubernetes Admission webhooks. We will go through Kubernetes API request flow. What Kubernetes Admission controllers are What Admission webhooks (validating and mutating) are, and the common use cases for creating them- Creating a custom admission webhook- Discuss challenges faced when developing admission webhooks- A look at one of the ways we can perform live debugging (with breakpoints and step throughs) for a admission webhook deployed to a K8s cluster. Briefly touch upon Open Policy Agent and the Gatekeeper project in the context of this talk
sched.co/YWJ8
@cantwaittowatch 3 жыл бұрын
Got a good high level and some detail view but given the complexity of the custom hooks, more pictures and detailed flows would always help than words. Thanks for presenting such a non-trivial topic.
@zubinpratap 3 жыл бұрын
Timestamped TOC 👇🏼 1:00 Intro to talk, and scope 1:30 context to admission controllers - understand the k8s API request flow 5:10 common functions performed by admission controllers 6:22 API request flow, including mutating and validating webhooks 7:41 usecases for mutating and validating webhooks 9:25 sample usecase for a webhook - outline 10:39 structure of a validation admission webhook's YAML 12:33 k8s API's Admission Review Request object 13:21 Webhook allow or fail response structure 15:17 debugging 17:05 Demo webhook success and fail responses for the sample usecase 18:35 Go code debugging in VSCode 23:03 Open Policy Agent as an alternative to Admission Webhooks for policy enforcement
@bhumijgupta 3 жыл бұрын
This was really helpful and very concise!
@sachintiwari1579 3 жыл бұрын
"mutating webhooks are called serially, one after the other" - So in case of multiple mutating webhooks is there some logic behind order in which they will be get called?
@manibindra 4 жыл бұрын
Hi @CNCF wanted to check why the video was moved from its original link of kzbin.info/www/bejne/mH7Qiqqsqb58kMU ?
@srahul842002 3 жыл бұрын
Thanks a lot this was useful and the way you explained was appreciable :)
CNCF [Cloud Native Computing Foundation]
Рет қаралды 274
CNCF [Cloud Native Computing Foundation]
Рет қаралды 6 М.
CNCF [Cloud Native Computing Foundation]
Рет қаралды 6 М.
VMware {code}
Рет қаралды 2,1 М.
CNCF [Cloud Native Computing Foundation]
Рет қаралды 13 М.
CNCF [Cloud Native Computing Foundation]
Рет қаралды 25 М.
Vivek Singh
Рет қаралды 3,6 М.
CNCF [Cloud Native Computing Foundation]
Рет қаралды 5 М.
CNCF [Cloud Native Computing Foundation]
Рет қаралды 187 М.
Microsoft Developer
Рет қаралды 26 М.
CNCF [Cloud Native Computing Foundation]
Рет қаралды 125 М.
Brother-live_mob
Рет қаралды 1,5 МЛН
Photographer Army
Рет қаралды 10 МЛН