Originally based on the k8s-at-home container template and the example for Kubewebhook, this admision webhook changes the default gateway and, optionally, the DNS of processed pods. It does so by adding an init container and a sidecar. The sidecar is used in case the IP of the gateway changes.
This is useful in order to send traffic to a VPN forwarder, traffic scanner, etc instead of using the default cluster egress.
The .github folder will get PRs from this template so you can apply the latest workflows.
You need to create the following secrets (not needed within the k8s-at-home org - there we use org-wide secrets):
- GHCR_USERNAME # Needed to upload container to the Github Container Registry
- GHCR_TOKEN # Needed to upload container to the Github Container Registry
- Build and test local
make
- Build the container
make docker-build
Check the [Makefile] for other build targets
It is expected to be used from within a Helm chart but the binary might also be run directly:
- Run
make run
- Connect to :8080
For more options you might run make help