Kubernetes Installation

This section includes different installation options such as a sidecar, stand-alone deployment or an operator.

Last updated 2 years ago

Was this helpful?

Kubernetes Installation

This section includes different installation options such as a sidecar, stand-alone deployment or an operator.

Webhook Relay can help you receive webhooks for your internal services. We provide multiple options for the installation.

Option 1: Webhook Relay Operator (recommended)

Webhook Relay operator not only deploys and manages agent containers that subscribe and forward webhooks but it also configures buckets, inputs (your public endpoints) and outputs (forwarding destinations).

Install

Prerequisites:

Kubernetes

You need to add this Chart repo to Helm:

helm repo add webhookrelay https://charts.webhookrelay.com
helm repo update

Get access token from . Once you click on ‘Create Token’, it will generate it and show a helper to set environment variables:

export RELAY_KEY=*****-****-****-****-*********
export RELAY_SECRET=**********

Install through Helm:

helm upgrade --install webhookrelay-operator --namespace=default webhookrelay/webhookrelay-operator \
  --set credentials.key=$RELAY_KEY --set credentials.secret=$RELAY_SECRET

Usage

# cr.yaml
apiVersion: forward.webhookrelay.com/v1
kind: WebhookRelayForward
metadata:
  name: example-forward
spec:
  buckets:
  - name: k8s-operator
    inputs:
    - name: public-endpoint
      description: "Public endpoint, supply this to the webhook producer"
      responseBody: "OK"
      responseStatusCode: 200
    outputs:
    - name: webhook-receiver
      destination: http://destination:5050/webhooks
      internal: true

kubectl apply -f cr.yaml

Uninstall

To remove the agent that is forwarding the webhooks, remove the CR that created it:

kubectl delete -f cr.yaml

To remove operator, use standard Helm command to uninstall the operator.

helm uninstall webhookrelay-operator

Option 2: Sidecar

kubectl create secret generic webhookrelay-credentials --from-literal=key=[access key] --from-literal=secret=[access secret]

Once the secret is created, you can deploy Webhook Relay container either as a sidecar or a standalone container. Webhook Relay agent can be easily deployed as a sidecar. This way requests can be forwarded to the service through localhost:

apiVersion: apps/v1
kind: Deployment
metadata: 
  name: webhookrelay
  labels: 
      name: webhookrelay   
spec:
  replicas: 1
  selector:
    matchLabels:
      app: webhookrelay
  template:
    metadata:
      name: webhookrelay
      labels:
        app: webhookrelay        
    spec:
      containers:
        # Your example container                
        - image: karolisr/webhook-demo:0.0.15
          imagePullPolicy: Always            
          name: example
          command: ["/bin/webhook-demo"]
          ports:
            - containerPort: 8090       
          livenessProbe:
            httpGet:
              path: /healthz
              port: 8090
            initialDelaySeconds: 30
            timeoutSeconds: 10
          securityContext:
            privileged: true              
        # [START webhookrelay_container]
        - image: webhookrelay/webhookrelayd:latest
          name: relay
          env:                         
            - name: KEY
              valueFrom:
                secretKeyRef:
                  name: webhookrelay-credentials
                  key: key                
            - name: SECRET
              valueFrom:
                secretKeyRef:
                  name: webhookrelay-credentials
                  key: secret
            - name: BUCKET
              value: webhook-demo
            - name: WEBSOCKET_TRANSPORT # Optional when gRPC is not available
              value: "true" 
        # [END webhookrelay_container]

Option 3: Separate deployment

Webhook Relay container can also work as stand-alone deployment:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: webhookrelay
  labels:
    app: webhookrelay   
spec:
  replicas: 1
  selector:
    matchLabels:
      app: webhookrelay
      release: webhookrelay
  template:
    metadata:
      labels:
        app: webhookrelay
        release: webhookrelay
    spec:      
      containers:
        - name: webhookrelayd
          image: webhookrelay/webhookrelayd:latest
          env:
            - name: KEY
              valueFrom:
                secretKeyRef:
                  name: webhookrelay-credentials
                  key: key                
            - name: SECRET
              valueFrom:
                secretKeyRef:
                  name: webhookrelay-credentials
                  key: secret
            - name: BUCKET
              value: webhook-demo
            - name: WEBSOCKET_TRANSPORT # Optional when gRPC is not available
              value: "true"

Option 4: Ingress Controller

Deployment files and issue tracker is available on GitHub:

You can try out Web Relay ingress controller by creating a deployment from a hosted manifest, no clone or local install necessary.

What you do need:

A Kubernetes cluster that has access to the Internet
kubectl configured with admin access to your cluster

Install

To add Web Relay ingress controller to your cluster, run:

relay ingress init

This command:

Creates webrelay-ingress namespace
Creates webrelay service account
Creates deployment with the controller
Creates cluster role and binding
Generates access key and secret for the Web Relay server and supplies them as a Kubernetes secret

If RBAC isn’t enabled on your cluster (for example, if you’re on GKE with legacy authorization or Minikube without RBAC), run:

relay ingress init --no-rbac

Uninstall Ingress Controller

To remove it, either delete the namespace where it was deployed or use:

relay ingress reset

PreviousContainerized NextPodman

Last updated 2 years ago

Was this helpful?