K
Q

Mutating Admission Controller doesnt get called on Deployments Create/Updates

8/5/2019

I have a ValidatingWebhookConfiguration monitoring Pods which is working fine. I also have a MutatingWebhookConfiguration monitoring ( and eventually mutating ) Deployment Objects.

I have both the Controllers written in Go. Pretty much the code for Mutating one is a clone of the Validating one.

On the ValidatingWebhookConfiguration the triggering rule is :

 - operations: ["CREATE","UPDATE"]
   apiGroups: [""]
   apiVersions: ["v1"]
   resources: ["pods"]

It is getting triggered fine.

On the MutatingWebhookConfiguration the triggering rule is :

 - operations: ["CREATE","UPDATE"]
   apiGroups: [""]
   apiVersions: ["v1beta1"]
   resources: ["deployments"]

I am able to see that the webhook is getting started, but I am not getting it to trigger.

I have tried changing v1beta1 to extensions/v1beta1 and still have no luck.

Any ideas on what I am doing wrong ?

I would appreciate any help.

Thanks,

-Sreeni

-- Sreeni
kubernetes

Similar Questions

Kubernetes - Not all pods responding to requests to a single node cluter
Fluentd logs is full of backslash and kibana doesn't show k8s pods logs
HPA using Kafka Exporter in on premise Kubernetes cluster
Serve one path internally and a different one externally
Supporting multiple versions of Kuberentes APIs in Go program
Upload file to openshift pod

1 Answer

8/5/2019

If you want to take action on deployments, you need to specify the api group. For deployments it is apps. You can get a list of all resources in kubernetes and the according api groups with the following command:

$ kubectl api-resources        
NAME                              SHORTNAMES   APIGROUP                       NAMESPACED   KIND
bindings                                                                      true         Binding
...
deployments                       deploy       apps                           true         Deployment
...
-- Thomas
Source: StackOverflow