Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make the webhook server port configurable via flag #1120

Closed
joonas opened this issue Sep 11, 2019 · 17 comments · Fixed by #1176
Closed

Make the webhook server port configurable via flag #1120

joonas opened this issue Sep 11, 2019 · 17 comments · Fixed by #1176
Assignees
@luigi-riefolo
Labels
good first issue Denotes an issue ready for a new contributor, according to the "help wanted" guidelines. help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. kind/feature Categorizes issue or PR as related to a new feature. lifecycle/active Indicates that an issue or PR is actively being worked on by a contributor. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release.
Milestone
v0.4.x

Comments

@joonas
Copy link

joonas commented Sep 11, 2019
edited
Loading

/kind feature

Describe the solution you'd like

It was pointed out that in some cases the default value (443) for the webhook server port can be problematic, so we should should make this configurable via a flag.

Anything else you would like to add:
[Miscellaneous information that will assist in solving the issue.]

Environment:

  • Cluster-api-provider-aws version:
  • Kubernetes version: (use kubectl version):
  • OS (e.g. from /etc/os-release):
@k8s-ci-robot k8s-ci-robot added the kind/feature Categorizes issue or PR as related to a new feature. label Sep 11, 2019
@joonas joonas mentioned this issue Sep 11, 2019
Merged
@joonas
Copy link
Author

joonas commented Sep 11, 2019

/help
/good-first-issue
/priority important-longterm

@k8s-ci-robot
Copy link
Contributor

@joonas:
This request has been marked as suitable for new contributors.

Please ensure the request meets the requirements listed here.

If this request no longer meets these requirements, the label can be removed
by commenting with the /remove-good-first-issue command.

In response to this:

/help
/good-first-issue
/priority important-longterm

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@k8s-ci-robot k8s-ci-robot added priority/important-longterm Important over the long term, but may not be staffed and/or may need multiple releases to complete. good first issue Denotes an issue ready for a new contributor, according to the "help wanted" guidelines. help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. labels Sep 11, 2019
@luigi-riefolo
Copy link
Contributor

@joonas I'd like to work on this. Could you please provide an example of the desired functionality and/or how to run it?

@ncdc ncdc added priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. and removed priority/important-longterm Important over the long term, but may not be staffed and/or may need multiple releases to complete. labels Sep 23, 2019
@ncdc ncdc added this to the v0.4.x milestone Sep 23, 2019
@joonas
Copy link
Author

joonas commented Sep 23, 2019
edited
Loading

@luigi-riefolo Great!

I believe what we should look at doing is adding a new flag (say webhook-port) that you can pass in to the CAPA manager (see how existing flags are setup), which then subsequently gets passed down as the Port option when initializing the controller-runtime manager.

Note, we should default the new flag with the existing default value.

Is that enough context to get you started?

@tahsinrahman
Copy link
Contributor

@joonas should we set default value to 443? then it'll always fail if we don't define value via flag

@detiber
Copy link
Member

detiber commented Sep 24, 2019

@tahsinrahman I think having the default be 443 for the binary would be good, then we can add a kustomize patch to config/default/ to override the argument to a more appropriate port for our use case.

@ncdc
Copy link
Contributor

ncdc commented Sep 24, 2019

Wouldn't it make more sense to use a higher port so it doesn't require root? I'd go with 8443 for the default (assuming no conflicts with e.g. the metrics server or something else).

@vincepri
Copy link
Member

+1 on having a higher port and use non-root user

@wfernandes
Copy link

@luigi-riefolo Could you /assign and /lifecycle active this issue if you are actively working on it?

@luigi-riefolo
Copy link
Contributor

/assign
/lifecycle active

@k8s-ci-robot k8s-ci-robot added the lifecycle/active Indicates that an issue or PR is actively being worked on by a contributor. label Oct 3, 2019
@luigi-riefolo
Copy link
Contributor

@joonas it is

@luigi-riefolo
Copy link
Contributor

@joonas which version should I use as base branch for the PR?
master: does not contain clusterctl, therefore make create-cluster-management fails
release-0.3: does not contain main.go with all the flags you were referring to

@joonas
Copy link
Author

joonas commented Oct 4, 2019
edited
Loading

@luigi-riefolo I would recommend working against the master branch (for the current v1alpha2 release).

clusterctl has been moved from the provider-specific code to core cluster-api instead, so you would have to first get a copy of it from the cluster-api repository.

@detiber @ncdc @vincepri thoughts on having a script in this repo that would check your path for clusterctl and fetch it if missing for the Makefile commands before attempting to use it?

@vincepri
Copy link
Member

vincepri commented Oct 4, 2019

While we don't ship clusterctl as part of the release, the Makefile builds it in a local directory before using it https://github.com/kubernetes-sigs/cluster-api-provider-aws/blob/master/Makefile#L109-L110

@luigi-riefolo
Copy link
Contributor

luigi-riefolo commented Oct 4, 2019
edited
Loading

@vincepri the above make target generates this error:

go build -o bin/clusterctl sigs.k8s.io/cluster-api/cmd/clusterctl
build sigs.k8s.io/cluster-api/cmd/clusterctl: cannot load github.com/Azure/go-autorest/autorest: ambiguous import: found github.com/Azure/go-autorest/autorest in multiple modules:
	github.com/Azure/go-autorest v11.1.2+incompatible (/home/luigi/go/pkg/mod/github.com/!azure/go-autorest@v11.1.2+incompatible/autorest)
	github.com/Azure/go-autorest/autorest v0.9.0 (/home/luigi/go/pkg/mod/github.com/!azure/go-autorest/autorest@v0.9.0)
Makefile:110: recipe for target 'bin/clusterctl' failed

is this a known issue?

@vincepri
Copy link
Member

vincepri commented Oct 4, 2019

That's unfortunate, can you file a different issue? Seems something broke somewhere in modules

@vincepri vincepri mentioned this issue Oct 4, 2019
Merged
@vincepri
Copy link
Member

vincepri commented Oct 4, 2019

Filed #1169

@luigi-riefolo luigi-riefolo mentioned this issue Oct 6, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@luigi-riefolo luigi-riefolo

Labels
good first issue Denotes an issue ready for a new contributor, according to the "help wanted" guidelines. help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. kind/feature Categorizes issue or PR as related to a new feature. lifecycle/active Indicates that an issue or PR is actively being worked on by a contributor. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release.
Projects
None yet
Milestone
v0.4.x
Development

Successfully merging a pull request may close this issue.

✨ Add webhook port flag luigi-riefolo/cluster-api-provider-aws
8 participants
@ncdc @joonas @detiber @wfernandes @vincepri @luigi-riefolo @tahsinrahman @k8s-ci-robot