Kubernetes sidecar injection service
We can merge stuff again!
This release provides some nice QoL changes:
hostPid and hostNetwork. thanks @zhangjianweibjIf I'm missing anything or anyone let me know.
Bugfix release for supporting serviceAccountName injections properly. Previously we were doing a few things incorrectly.
serviceAccountName was "default", we were not injecting the serviceAccount. This was dumb and for that i am sorry.InjectionConfig that uses both inherits: as well as serviceAccountName that prevented the loaded config from including the serviceaccountVolumeMounts for a SA token created by the ServiceAccountController need to be removed from existing pods, so that the patched pod can be run through the SAController again and pick up the correct mounts for the newly injected serviceaccount.This release includes https://github.com/tumblr/k8s-sidecar-injector/pull/30, which allows you to now inject a serviceAccountName into your pod specs! Note that this requires Kubernetes 1.15+ to function correctly, as previous versions had ordering bugs with when the MWAC and ServiceAccount controllers were applied.
We add 2 features to the sidecar injector to make use at scale more ergonomic. 1) versioned configurations and 2) inheritance.
We found ourselves suffixing the names of sidecars with versioning information, so we could make improvements to sidecars without breaking legacy consumers of a given sidecar. For example, we would name configs name: some-sidecar-v3. To codify this behavior without changing the request interface, we add support for versioned sidecar configurations, similar to how Docker images work.
By changing nothing in your configs, each sidecar configuration now has a Version() which is derived by splitting off the last field after :. By default, this is latest. Here are some examples of name: fields, and the derived version.
my-sidecar -> latest
my-sidecar:latest -> latest
my-sidecar:v420 -> v420
my-sidecar:extra:fields:6.9 -> 6.9
This change allows you to maintain versioned configs, as well as "symlink" consumers to the latest version of a sidecar, via :latest.
In addition to versioning, we have found that a lot of our sidecar configurations are actually quite similar, and tend to have only a few differences. This brought us to build inheritance functionality into the configs. By introducing an inherits: field to configs loaded from disk (not ConfigMaps!), we support a config using a base, and merging in any fields from the child as necessary.
Note: some (most) fields in the config format are sets, so we must perform merging in a manner that provides set uniqueness by name field.
For example, a config like the following would load another.yaml, and then add 2 env vars to it. If EXISTING_VAR exists in another.yaml, it will be replaced. NEW_VAR, if not appearing in the env list, will be appended. All configs referenced via inherits: are relative to the directory of the parent file, and cannot traverse upwards in the directory.
name: example:v1
inherits: another.yaml
env:
- name: EXISTING_VAR
value: overridden
- name: NEW_VAR
value: new
See https://github.com/tumblr/k8s-sidecar-injector/pull/36 for implementation
Fix panic when watching ConfigMaps
This release includes a fix for watches that get their HTTP connection closed, and now properly handles reconnection.
Bugfix release. InitContainers should get any injected env vars and volume mounts.
Includes:
Simple release to improve latency histograms reported for http responses, via https://github.com/tumblr/k8s-sidecar-injector/pull/10
initContainers! https://github.com/tumblr/k8s-sidecar-injector/pull/8 Thanks to @iwilltry42 and @zach-dunton-sf!hostAliases! https://github.com/tumblr/k8s-sidecar-injector/pull/5 Thanks to @iwilltry42See https://github.com/tumblr/k8s-sidecar-injector/blob/master/docs/sidecar-configuration-format.md for the full sidecar config format and examples of the new injections
Changes since last release: https://github.com/tumblr/k8s-sidecar-injector/compare/v0.1.2...v0.1.4
Thanks to @iwilltry42 for adding volumeMounts support in sidecar configuration. (https://github.com/tumblr/k8s-sidecar-injector/pull/3). Additionally, this release includes cleaner error handling and more expressive metrics.