pod-exec-guard-kubewebhook-tutorial

Introduction

This is a tutorial that shows how to develop a Kubernetes admission webhook.

To explain this, the tutorial is split in 5 videos.

We will create a webhook from scratch that will try to recreate the webhook that this post describes.

The problem to solve

When a user makes an exec operation on a pod, we mark that pod and set a TTL, when that TTL expires, the pod will be deleted.

The tutorial is based on kubewebhook to develop the webhook, and uses kube-janitor to delete the pods after a specific TTL expires.

Disclaimer

  • The webhook it is not production ready.
  • Its just made as a tutorial step by step.
  • It would need more structure, tests, docs, metrics…

Content

GitHub

https://github.com/slok/pod-exec-guard-kubewebhook-tutorial