✨ Networking config for default mode webhooks

operator/v1/0000_01_operator.open-cluster-management.io_clustermanagers.crd.yaml

@@ -91,6 +91,71 @@ spec:
                   DeployOption contains the options of deploying a cluster-manager
                   Default mode is used if DeployOption is not set.
                 properties:
+                  default:
+                    description: Default includes configurations for clustermanager
+                      in the Default mode
+                    properties:
+                      registrationWebhookConfiguration:
+                        description: RegistrationWebhookConfiguration represents the
+                          customized webhook-server configuration of registration.
+                        properties:
+                          healthProbeBindAddress:
+                            default: :8000
+                            description: |-
+                              HealthProbeBindAddress represents the healthcheck address of a webhook-server. The default value is ":8000".
+                              Healthchecks may be disabled by setting a value of "0" or "".
+                            type: string
+                          hostNetwork:
+                            description: |-
+                              HostNetwork enables running webhook pods with hostNetwork: true
+                              This may be required in some installations, such as EKS with Calico CNI,
+                              to allow the API Server to communicate with the webhook pods.
+                            type: boolean
+                          metricsBindAddress:
+                            default: :8080
+                            description: |-
+                              MetricsBindAddress represents the metrics address of a webhook-server. The default value is ":8080"
+                              Metrics may be disabled by setting a value of "0" or "".
+                            type: string
+                          port:
+                            default: 9443
+                            description: Port represents the port of a webhook-server.
+                              The default value of Port is 9443.
+                            format: int32
+                            maximum: 65535
+                            type: integer
+                        type: object
+                      workWebhookConfiguration:
+                        description: WorkWebhookConfiguration represents the customized
+                          webhook-server configuration of work.
+                        properties:
+                          healthProbeBindAddress:
+                            default: :8000
+                            description: |-
+                              HealthProbeBindAddress represents the healthcheck address of a webhook-server. The default value is ":8000".
+                              Healthchecks may be disabled by setting a value of "0" or "".
+                            type: string
+                          hostNetwork:
+                            description: |-
+                              HostNetwork enables running webhook pods with hostNetwork: true
+                              This may be required in some installations, such as EKS with Calico CNI,
+                              to allow the API Server to communicate with the webhook pods.
+                            type: boolean
+                          metricsBindAddress:
+                            default: :8080
+                            description: |-
+                              MetricsBindAddress represents the metrics address of a webhook-server. The default value is ":8080"
+                              Metrics may be disabled by setting a value of "0" or "".
+                            type: string
+                          port:
+                            default: 9443
+                            description: Port represents the port of a webhook-server.
+                              The default value of Port is 9443.
+                            format: int32
+                            maximum: 65535
+                            type: integer
+                        type: object
+                    type: object
                   hosted:
                     description: Hosted includes configurations we need for clustermanager
                       in the Hosted mode.
@@ -106,6 +171,24 @@ spec:
                               The Address must be reachable by apiserver of the hub cluster.
                             pattern: ^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$
                             type: string
+                          healthProbeBindAddress:
+                            default: :8000
+                            description: |-
+                              HealthProbeBindAddress represents the healthcheck address of a webhook-server. The default value is ":8000".
+                              Healthchecks may be disabled by setting a value of "0" or "".
+                            type: string
+                          hostNetwork:
+                            description: |-
+                              HostNetwork enables running webhook pods with hostNetwork: true
+                              This may be required in some installations, such as EKS with Calico CNI,
+                              to allow the API Server to communicate with the webhook pods.
+                            type: boolean
+                          metricsBindAddress:
+                            default: :8080
+                            description: |-
+                              MetricsBindAddress represents the metrics address of a webhook-server. The default value is ":8080"
+                              Metrics may be disabled by setting a value of "0" or "".
+                            type: string
                           port:
                             default: 443
                             description: Port represents the port of a webhook-server.
@@ -127,6 +210,24 @@ spec:
                               The Address must be reachable by apiserver of the hub cluster.
                             pattern: ^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$
                             type: string
+                          healthProbeBindAddress:
+                            default: :8000
+                            description: |-
+                              HealthProbeBindAddress represents the healthcheck address of a webhook-server. The default value is ":8000".
+                              Healthchecks may be disabled by setting a value of "0" or "".
+                            type: string
+                          hostNetwork:
+                            description: |-
+                              HostNetwork enables running webhook pods with hostNetwork: true
+                              This may be required in some installations, such as EKS with Calico CNI,
+                              to allow the API Server to communicate with the webhook pods.
+                            type: boolean
+                          metricsBindAddress:
+                            default: :8080
+                            description: |-
+                              MetricsBindAddress represents the metrics address of a webhook-server. The default value is ":8080"
+                              Metrics may be disabled by setting a value of "0" or "".
+                            type: string
                           port:
                             default: 443
                             description: Port represents the port of a webhook-server.

operator/v1/types_clustermanager.go

@@ -232,19 +232,62 @@ const (
 	FeatureGateModeTypeDisable FeatureGateModeType = "Disable"
 )
 
+// DefaultClusterManagerConfiguration represents customized configurations for clustermanager in the Default mode
+type DefaultClusterManagerConfiguration struct {
+	// RegistrationWebhookConfiguration represents the customized webhook-server configuration of registration.
+	// +optional
+	RegistrationWebhookConfiguration DefaultWebhookConfiguration `json:"registrationWebhookConfiguration,omitempty"`
+
+	// WorkWebhookConfiguration represents the customized webhook-server configuration of work.
+	// +optional
+	WorkWebhookConfiguration DefaultWebhookConfiguration `json:"workWebhookConfiguration,omitempty"`
+}
+
 // HostedClusterManagerConfiguration represents customized configurations we need to set for clustermanager in the Hosted mode.
 type HostedClusterManagerConfiguration struct {
 	// RegistrationWebhookConfiguration represents the customized webhook-server configuration of registration.
 	// +optional
-	RegistrationWebhookConfiguration WebhookConfiguration `json:"registrationWebhookConfiguration,omitempty"`
+	RegistrationWebhookConfiguration HostedWebhookConfiguration `json:"registrationWebhookConfiguration,omitempty"`
 
 	// WorkWebhookConfiguration represents the customized webhook-server configuration of work.
 	// +optional
-	WorkWebhookConfiguration WebhookConfiguration `json:"workWebhookConfiguration,omitempty"`
+	WorkWebhookConfiguration HostedWebhookConfiguration `json:"workWebhookConfiguration,omitempty"`
 }
 
-// WebhookConfiguration has two properties: Address and Port.
+// WebhookConfiguration represents customization of webhook servers
 type WebhookConfiguration struct {
+	// HealthProbeBindAddress represents the healthcheck address of a webhook-server. The default value is ":8000".
+	// Healthchecks may be disabled by setting a value of "0" or "".
+	// +optional
+	// +kubebuilder:default=":8000"
+	HealthProbeBindAddress string `json:"healthProbeBindAddress"`
+
+	// MetricsBindAddress represents the metrics address of a webhook-server. The default value is ":8080"
+	// Metrics may be disabled by setting a value of "0" or "".
+	// +optional
+	// +kubebuilder:default=":8080"
+	MetricsBindAddress string `json:"metricsBindAddress"`
+
+	// HostNetwork enables running webhook pods with hostNetwork: true
+	// This may be required in some installations, such as EKS with Calico CNI,
+	// to allow the API Server to communicate with the webhook pods.
+	// +optional
+	HostNetwork bool `json:"hostNetwork,omitempty"`
+}
+
+// DefaultWebhookConfiguration represents customization of webhook servers running in default installation mode
+type DefaultWebhookConfiguration struct {
+	// Port represents the port of a webhook-server. The default value of Port is 9443.
+	// +optional
+	// +kubebuilder:default=9443
+	// +kubebuilder:validation:Maximum=65535
+	Port int32 `json:"port,omitempty"`
+
+	WebhookConfiguration `json:",inline"`
+}
+
+// HostedWebhookConfiguration represents customization of webhook servers running in hosted installation mode
+type HostedWebhookConfiguration struct {
 	// Address represents the address of a webhook-server.
 	// It could be in IP format or fqdn format.
 	// The Address must be reachable by apiserver of the hub cluster.
@@ -258,6 +301,8 @@ type WebhookConfiguration struct {
 	// +kubebuilder:default=443
 	// +kubebuilder:validation:Maximum=65535
 	Port int32 `json:"port,omitempty"`
+
+	WebhookConfiguration `json:",inline"`
 }
 
 // ClusterManagerDeployOption describes the deployment options for cluster-manager
@@ -274,6 +319,10 @@ type ClusterManagerDeployOption struct {
 	// +kubebuilder:validation:Enum=Default;Hosted
 	Mode InstallMode `json:"mode,omitempty"`
 
+	// Default includes configurations for clustermanager in the Default mode
+	// +optional
+	Default *DefaultClusterManagerConfiguration `json:"default,omitempty"`
+
 	// Hosted includes configurations we need for clustermanager in the Hosted mode.
 	// +optional
 	Hosted *HostedClusterManagerConfiguration `json:"hosted,omitempty"`