- Injects tcpdump container as a sidecar by object-label (tcpdump-enabled: "true") while creating PODs.
- Written in Golang.
-
Docker Image Build (Go Server)
-
Create CA and Client Certificates (CloudFlare SSL)
-
Create secret file with client certificates (./manifests/webhook-secrets.yaml)
-
Create webhook configuration with ca bundle (./manifests/webhook-configuration.yaml)
-
Apply secret resources (./manifests/webhook-secrets.yaml)
-
Create serviceaccount (./manifests/webhook-rbac.yaml)
-
Create deployment and svc for webhook server (./manifests/webhook-deployment-svc.yaml)
-
Create mutatingwebhookconfiguration (./manifests/webhook-configuration.yaml)
-
Change docker image name before STEP 1
- Update container's image (./manifests/webhook-deployment-svc.yaml)
-
Change hostname according to webhook name and namespace before STEP 2
- Update serviceaccount's namespace (./manifests/webhook-rbac.yaml)
- Update deplomyent's and svc's namespace and webhook name (./manifests/webhook-deployment-svc.yaml)
- Update clientConfig's namespace and svc (./manifests/webhook-configuration-template.yaml)