How do I configure Kubernetes admission webhooks with KEDA?
This guide demonstrates how to configure Kubernetes admission webhooks with KEDA using Pulumi. Admission webhooks allow you to intercept requests to the Kubernetes API server before they are persisted. KEDA (Kubernetes-based Event Driven Autoscaling) extends Kubernetes to scale applications based on external events.
The following Pulumi program sets up a ValidatingWebhookConfiguration
for KEDA. This configuration will allow KEDA to validate custom resources before they are created or updated.
import * as pulumi from "@pulumi/pulumi";
import * as k8s from "@pulumi/kubernetes";
// Define the ValidatingWebhookConfiguration resource
const validatingWebhook = new k8s.admissionregistration.v1.ValidatingWebhookConfiguration("keda-validating-webhook", {
metadata: {
name: "keda-validating-webhook",
},
webhooks: [{
name: "validate.keda.sh",
clientConfig: {
service: {
name: "keda-operator-webhook",
namespace: "keda",
path: "/validate",
port: 443,
},
caBundle: "<base64-encoded-ca-cert>",
},
rules: [{
apiGroups: ["keda.sh"],
apiVersions: ["v1alpha1"],
operations: ["CREATE", "UPDATE"],
resources: ["scaledobjects"],
}],
failurePolicy: "Fail",
sideEffects: "None",
admissionReviewVersions: ["v1"],
}],
});
// Define a KEDA ScaledObject as an example resource to be validated by the webhook
const scaledObject = new k8s.apiextensions.CustomResource("example-scaledobject", {
apiVersion: "keda.sh/v1alpha1",
kind: "ScaledObject",
metadata: {
name: "example-scaledobject",
namespace: "default",
},
spec: {
scaleTargetRef: {
apiVersion: "apps/v1",
kind: "Deployment",
name: "example-deployment",
},
triggers: [{
type: "cpu",
metadata: {
type: "Utilization",
value: "50",
},
}],
},
});
export const webhookName = validatingWebhook.metadata.name;
export const scaledObjectName = scaledObject.metadata.name;
Key Points:
- ValidatingWebhookConfiguration: This resource intercepts requests to create or update KEDA
ScaledObject
resources, validating them before they are persisted. - KEDA: KEDA allows Kubernetes to scale applications based on external events, such as CPU utilization.
- CustomResource: An example
ScaledObject
resource is defined to demonstrate how the webhook validates custom KEDA resources.
Summary:
In this guide, we configured a Kubernetes admission webhook for KEDA using Pulumi. The webhook validates ScaledObject
resources before they are created or updated, ensuring they meet the necessary criteria. This setup helps maintain the integrity of custom resources in your Kubernetes cluster.
Deploy this code
Want to deploy this code? Sign up for a free Pulumi account to deploy in a few clicks.
Sign upNew to Pulumi?
Want to deploy this code? Sign up with Pulumi to deploy in a few clicks.
Sign upThank you for your feedback!
If you have a question about how to use Pulumi, reach out in Community Slack.
Open an issue on GitHub to report a problem or suggest an improvement.