diff --git a/keda/templates/webhooks/deployment.yaml b/keda/templates/webhooks/deployment.yaml index 6a621a00..c7d72878 100644 --- a/keda/templates/webhooks/deployment.yaml +++ b/keda/templates/webhooks/deployment.yaml @@ -26,7 +26,7 @@ spec: app: {{ .Values.webhooks.name }} name: {{ .Values.webhooks.name }} app.kubernetes.io/name: {{ .Values.webhooks.name }} - {{- include "keda.labels" . | indent 8 }} + {{- include "keda.labels" . | indent 8 }} {{- if .Values.podLabels.webhooks }} {{- toYaml .Values.podLabels.webhooks | nindent 8 }} {{- end }} @@ -69,6 +69,10 @@ spec: - "--zap-encoder={{ .Values.logging.webhooks.format }}" - "--zap-time-encoding={{ .Values.logging.webhooks.timeEncoding }}" - "--cert-dir={{ .Values.certificates.mountPath }}" + - "--health-probe-bind-address=:{{ .Values.webhooks.healthProbePort }}" + {{- if .Values.webhooks.port }} + - "--port={{ .Values.webhooks.port }}" + {{- end }} {{- if .Values.prometheus.webhooks.enabled }} - --metrics-bind-address=:{{ .Values.prometheus.webhooks.port }} {{- end }} @@ -79,15 +83,15 @@ spec: livenessProbe: httpGet: path: /healthz - port: 8081 + port: {{ .Values.webhooks.healthProbePort }} initialDelaySeconds: 25 readinessProbe: httpGet: path: /readyz - port: 8081 + port: {{ .Values.webhooks.healthProbePort }} initialDelaySeconds: 20 ports: - - containerPort: 9443 + - containerPort: {{ .Values.webhooks.port | default 9443 }} name: http protocol: TCP {{- if .Values.prometheus.webhooks.enabled }} @@ -130,6 +134,7 @@ spec: {{- if .Values.volumes.webhooks.extraVolumes }} {{- toYaml .Values.volumes.webhooks.extraVolumes | nindent 8 }} {{- end }} + hostNetwork: {{ .Values.metricsServer.useHostNetwork }} nodeSelector: kubernetes.io/os: linux {{- with .Values.nodeSelector }} diff --git a/keda/templates/webhooks/service.yaml b/keda/templates/webhooks/service.yaml index 6bbbcbe3..fbd67b8b 100644 --- a/keda/templates/webhooks/service.yaml +++ b/keda/templates/webhooks/service.yaml 
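Review bot: `webhooks.healthProbePort` is rendered without a fallback in the added `--health-probe-bind-address=:{{ .Values.webhooks.healthProbePort }}` argument, unlike `webhooks.port`, which is guarded by `if` here and by `default 9443` in the next hunk. If a values override nulls or empties the key, the argument becomes `--health-probe-bind-address=:` and the liveness and readiness `port:` fields in the next hunk render empty. Either fail at render time with `{{ required "webhooks.healthProbePort must be set" .Values.webhooks.healthProbePort }}` or apply `| default 8081` in all three places. The args list starts above this hunk.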
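Review bot: The webhook port default is now written out separately in `containerPort: {{ .Values.webhooks.port | default 9443 }}` and in the `targetPort` of keda/templates/webhooks/service.yaml, while the `--port` argument is omitted when the value is empty. The chart therefore relies on the binary's built-in default also being 9443, which this diff does not show. Since the container port keeps `name: http`, the Service can reference it by name with `targetPort: http`, which removes one copy of the default. Passing `--port={{ .Values.webhooks.port | default 9443 }}` unconditionally would make the listening port and the declared port come from the same expression.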
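Review bot: `hostNetwork` on the webhooks Deployment is driven by `.Values.metricsServer.useHostNetwork`, but the key this commit adds to values.yaml is `webhooks.useHostNetwork`, which no template line in this diff reads. As written the new webhooks option has no effect, and enabling host networking for the metrics server also moves the admission webhook pod into the node's network namespace, where its listeners bind on the node itself and pod-level network policy may not apply. The line should read `hostNetwork: {{ .Values.webhooks.useHostNetwork }}` so that this exposure is an explicit opt-in for the component. With host networking on, `dnsPolicy: ClusterFirstWithHostNet` is usually needed as well. The pod spec continues outside this hunk, so whether a DNS policy is already set cannot be seen here.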
@@ -18,7 +18,7 @@ spec: - name: http port: 443 protocol: TCP - targetPort: 9443 + targetPort: {{ .Values.webhooks.port | default 9443 }} {{- if .Values.prometheus.webhooks.enabled }} - name: {{ .Values.prometheus.webhooks.serviceMonitor.port }} port: {{ .Values.prometheus.webhooks.port }} diff --git a/keda/values.yaml b/keda/values.yaml index 195eff9a..76f9e082 100644 --- a/keda/values.yaml +++ b/keda/values.yaml @@ -80,6 +80,12 @@ metricsServer: webhooks: # -- Enable admission webhooks (this feature option will be removed in v2.12) enabled: true + # -- Port number to use for KEDA admission webhooks. Default is 9443. + port: "" + # -- Port number to use for KEDA admission webhooks health probe + healthProbePort: 8081 + # -- Enable webhook to use host network, this is required on EKS with custom CNI + useHostNetwork: false # -- Name of the KEDA admission webhooks name: keda-admission-webhooks # -- Capability to configure the number of replicas for KEDA admission webhooks @@ -224,8 +230,8 @@ podIdentity: # This will be set as a annotation on the KEDA service account. enabled: false # -- GCP IAM Service Account Email which you would like to use for workload identity. - gcpIAMServiceAccount: "" - + gcpIAMServiceAccount: "" + # -- Set this if you are using an external scaler and want to communicate # over TLS (recommended). This variable holds the name of the secret that # will be mounted to the /grpccerts path on the Pod
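Review bot: The comment on `useHostNetwork` in the first values.yaml hunk gives the reason to enable it but not what it changes for the operator. With host networking the pod shares the node's network namespace, so `port` and `healthProbePort` must be free on every node that can schedule it. I would extend the comment to `# -- Run the admission webhooks pod on the host network (required on EKS with custom CNI); port and healthProbePort are then bound on the node and must not collide with other host listeners`. The `port` comment could also state that an empty value leaves `--port` unset, since the default is a string `""` while `healthProbePort` is an integer.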