diff --git a/README.md b/README.md index 80fa61b..b1eb3a5 100644 --- a/README.md +++ b/README.md @@ -16,6 +16,31 @@ You can build the docker container by running: docker build . ``` +# Usage + +## Environment config + +* `NSM_NAME` - Name of current admission webhook instance (default: "admission-webhook-k8s") +* `NSM_SERVICE_NAME` - Name of service that related to this admission webhook instance (default: "default") +* `NSM_NAMESPACE` - Namespace where admission webhook is deployed (default: "default") +* `NSM_ANNOTATION` - Name of annotation that means that the resource can be handled by admission-webhook (default: "networkservicemesh.io") +* `NSM_LABELS` - Map of labels and their values that should be appended for each deployment that has Config.Annotation +* `NSM_NSURL_ENV_NAME` - Name of env that contains NSURL in initContainers/Containers +* `NSM_INIT_CONTAINER_IMAGES` - List of init containers that should be appended for each deployment that has Config.Annotation +* `NSM_CONTAINER_IMAGES` - List of containers that should be appended for each deployment that has Config.Annotation +* `NSM_ENVS` - Additional Envs that should be appended for each Config.ContainerImages and Config.InitContainerImages +* `NSM_WEBHOOK_MODE` - Default 'spire' mode uses spire certificates and external webhook configuration. Set to 'selfregister' to use the automatically generated webhook configuration (default: "spire") +* `NSM_CERT_FILE_PATH` - Path to certificate. Preferred use if specified +* `NSM_KEY_FILE_PATH` - Path to RSA/Ed25519 related to Config.CertFilePath. Preferred use if specified +* `NSM_CA_BUNDLE_FILE_PATH` - Path to cabundle file related to Config.CertFilePath. Preferred use if specified +* `NSM_OPEN_TELEMETRY_ENDPOINT` - OpenTelemetry Collector Endpoint (default: "otel-collector.observability.svc.cluster.local:4317") +* `NSM_METRICS_EXPORT_INTERVAL` - interval between mertics exports (default: "10s") +* `NSM_SIDECAR_LIMITS_MEMORY` - Lower bound of the NSM sidecar memory limit (in k8s resource management units) (default: "80Mi") +* `NSM_SIDECAR_LIMITS_CPU` - Lower bound of the NSM sidecar CPU limit (in k8s resource management units) (default: "200m") +* `NSM_SIDECAR_REQUESTS_MEMORY` - Lower bound of the NSM sidecar requests memory limits (in k8s resource management units) (default: "40Mi") +* `NSM_SIDECAR_REQUESTS_CPU` - Lower bound of the NSM sidecar requests CPU limits (in k8s resource management units) (default: "100m") +* `NSM_KUBELET_QPS` - kubelet QPS config (default: "50") + # Testing ## Testing Docker container @@ -72,4 +97,4 @@ docker run --privileged -e DLV_LISTEN_FORWARDER=:50000 -p 40000:40000 -p 50000:5 ``` Please note, the tests **start** the cmd, so until you connect to port 40000 with your debugger and walk the tests -through to the point of running cmd, you will not be able to attach a debugger on port 50000 to the cmd. \ No newline at end of file +through to the point of running cmd, you will not be able to attach a debugger on port 50000 to the cmd. diff --git a/internal/config/config.go b/internal/config/config.go index 969ac50..f50e15c 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -52,7 +52,7 @@ type Config struct { CertFilePath string `desc:"Path to certificate. Preferred use if specified" split_words:"true"` KeyFilePath string `desc:"Path to RSA/Ed25519 related to Config.CertFilePath. Preferred use if specified" split_words:"true"` CABundleFilePath string `desc:"Path to cabundle file related to Config.CertFilePath. Preferred use if specified" split_words:"true"` - OpenTelemetryEndpoint string `default:"otel-collector.observability.svc.cluster.local:4317" desc:"OpenTelemetry Collector Endpoint"` + OpenTelemetryEndpoint string `default:"otel-collector.observability.svc.cluster.local:4317" desc:"OpenTelemetry Collector Endpoint" split_words:"true"` MetricsExportInterval time.Duration `default:"10s" desc:"interval between mertics exports" split_words:"true"` SidecarLimitsMemory string `default:"80Mi" desc:"Lower bound of the NSM sidecar memory limit (in k8s resource management units)" split_words:"true"` SidecarLimitsCPU string `default:"200m" desc:"Lower bound of the NSM sidecar CPU limit (in k8s resource management units)" split_words:"true"`