Tetap teratur dengan koleksi
Simpan dan kategorikan konten berdasarkan preferensi Anda.
Mengonfigurasi waktu tunggu webhook
Halaman ini menjelaskan cara mengonfigurasi waktu tunggu webhook untuk Config Connector.
Anda dapat mengonfigurasi webhook ini di Config Connector versi 1.110 dan yang lebih baru.
Mengonfigurasi waktu tunggu untuk memvalidasi webhook
Anda dapat mengonfigurasi webhook validasi berikut:
Misalnya, Anda dapat mengonfigurasi waktu tunggu webhook validasi
deny-immutable-field-updates.cnrm.cloud.google.com dan
deny-unknown-fields.cnrm.cloud.google.com dengan membuat dan menerapkan
contoh file YAML berikut. Webhook ini adalah bagian dari konfigurasi
validasi konfigurasi
webhookvalidating-webhook.cnrm.cloud.google.com.
Buat file bernama configure-validating-webhook-timeout.yaml dan salin
YAML berikut ke dalamnya:
Misalnya, Anda dapat mengonfigurasi waktu tunggu untuk mengubah webhook
container-annotation-handler.cnrm.cloud.google.com dengan membuat dan menerapkan
contoh file YAML berikut. Webhook adalah bagian dari konfigurasi konfigurasi webhook yang memodifikasimutating-webhook.cnrm.cloud.google.com.
Buat file bernama configure-mutating-webhook-timeout.yaml dan salin
YAML berikut ke dalamnya:
[[["Mudah dipahami","easyToUnderstand","thumb-up"],["Memecahkan masalah saya","solvedMyProblem","thumb-up"],["Lainnya","otherUp","thumb-up"]],[["Sulit dipahami","hardToUnderstand","thumb-down"],["Informasi atau kode contoh salah","incorrectInformationOrSampleCode","thumb-down"],["Informasi/contoh yang saya butuhkan tidak ada","missingTheInformationSamplesINeed","thumb-down"],["Masalah terjemahan","translationIssue","thumb-down"],["Lainnya","otherDown","thumb-down"]],["Terakhir diperbarui pada 2025-09-04 UTC."],[[["\u003cp\u003eConfig Connector version 1.110 and later allows for the configuration of timeouts for both validating and mutating webhooks.\u003c/p\u003e\n"],["\u003cp\u003eValidating webhooks such as \u003ccode\u003edeny-immutable-field-updates.cnrm.cloud.google.com\u003c/code\u003e and \u003ccode\u003edeny-unknown-fields.cnrm.cloud.google.com\u003c/code\u003e can have their timeouts customized via a \u003ccode\u003eValidatingWebhookConfigurationCustomization\u003c/code\u003e YAML file.\u003c/p\u003e\n"],["\u003cp\u003eMutating webhooks like \u003ccode\u003econtainer-annotation-handler.cnrm.cloud.google.com\u003c/code\u003e can be configured using a \u003ccode\u003eMutatingWebhookConfigurationCustomization\u003c/code\u003e YAML file to adjust their timeout durations.\u003c/p\u003e\n"],["\u003cp\u003eApplying the webhook timeout customizations involves creating and applying the respective YAML files with \u003ccode\u003ekubectl apply\u003c/code\u003e, followed by verifying the successful configuration with specific \u003ccode\u003ekubectl\u003c/code\u003e commands.\u003c/p\u003e\n"],["\u003cp\u003eWhen specifying webhook names in the YAML configuration files, users should omit the \u003ccode\u003e.cnrm.cloud.google.com\u003c/code\u003e suffix from the webhook names.\u003c/p\u003e\n"]]],[],null,["# Configure webhook timeout\n=========================\n\n*** ** * ** ***\n\nThis page describes how to configure the webhook timeout for Config Connector.\nYou can configure these webhooks in Config Connector version 1.110 and later.\n\nConfigure timeout for validating webhooks\n-----------------------------------------\n\nYou can configure the following validating webhooks:\n\n- `deny-immutable-field-updates.cnrm.cloud.google.com`\n- `deny-unknown-fields.cnrm.cloud.google.com`\n- `iam-validation.cnrm.cloud.google.com`\n- `resource-validation.cnrm.cloud.google.com`\n- `abandon-on-uninstall.cnrm.cloud.google.com`\n\nFor example, you can configure the timeout of validating webhooks\n`deny-immutable-field-updates.cnrm.cloud.google.com` and\n`deny-unknown-fields.cnrm.cloud.google.com` by creating and applying the\nfollowing example YAML file. These webhooks are part of the configuration of the\n`validating-webhook.cnrm.cloud.google.com` [validating webhook\nconfiguration](https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/#webhook-configuration).\n\n1. Create a file named `configure-validating-webhook-timeout.yaml` and copy the\n following YAML into it:\n\n apiVersion: customize.core.cnrm.cloud.google.com/v1beta1\n kind: ValidatingWebhookConfigurationCustomization\n metadata:\n name: validating-webhook\n spec:\n webhooks:\n - name: deny-immutable-field-updates\n timeoutSeconds: 12\n - name: deny-unknown-fields\n timeoutSeconds: 15\n\n | **Note:** when specifying the name of webhook configuration and the names of webhooks in the YAML file, don't include the `.cnrm.cloud.google.com` suffix.\n2. Use [`kubectl apply`](https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#apply)\n to apply the webhook timeout customization to your cluster:\n\n ```\n kubectl apply -f configure-validating-webhook-timeout.yaml\n ```\n3. Verify the successful configuration by running the following command:\n\n ```\n kubectl get validatingwebhookconfigurationcustomizations validating-webhook -o jsonpath='{.status.healthy}{\"\\n\"}'\n ```\n\n It should display `status.healthy` field set to `true`.\n4. Verify that the new custom timeout has been applied to the target webhooks:\n\n ```\n kubectl get validatingwebhookconfigurations validating-webhook.cnrm.cloud.google.com -o jsonpath='{.webhooks[?(@.name==\"deny-immutable-field-updates.cnrm.cloud.google.com\")].timeoutSeconds}{\"\\n\"}'\n ``` \n\n ```\n kubectl get validatingwebhookconfigurations validating-webhook.cnrm.cloud.google.com -o jsonpath='{.webhooks[?(@.name==\"deny-unknown-fields.cnrm.cloud.google.com\")].timeoutSeconds}{\"\\n\"}'\n ```\n\n Applying the customization could take a few minutes.\n\nConfigure timeout for mutating webhooks\n---------------------------------------\n\nYou can configure the following mutating webhooks:\n\n- `container-annotation-handler.cnrm.cloud.google.com`\n- `generic-defaulter.cnrm.cloud.google.com`\n- `iam-defaulter.cnrm.cloud.google.com`\n- `management-conflict-annotation-defaulter.cnrm.cloud.google.com`\n\nFor example, you can configure the timeout of mutating webhook\n`container-annotation-handler.cnrm.cloud.google.com` by creating and applying\nthe following example YAML file. The webhook is part of the configuration of the\n`mutating-webhook.cnrm.cloud.google.com` [mutating webhook\nconfiguration](https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/#webhook-configuration).\n\n1. Create a file named `configure-mutating-webhook-timeout.yaml` and copy the\n following YAML into it:\n\n apiVersion: customize.core.cnrm.cloud.google.com/v1beta1\n kind: MutatingWebhookConfigurationCustomization\n metadata:\n name: mutating-webhook\n spec:\n webhooks:\n - name: container-annotation-handler\n timeoutSeconds: 20\n\n | **Note:** when specifying the name of webhook configuration and the names of webhooks in the YAML file, don't include the `.cnrm.cloud.google.com` suffix.\n2. Use [`kubectl apply`](https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#apply)\n to apply the webhook timeout customization to your cluster:\n\n ```\n kubectl apply -f configure-mutating-webhook-timeout.yaml\n ```\n3. Verify the successful configuration by running the following command:\n\n ```\n kubectl get mutatingwebhookconfigurationcustomizations mutating-webhook -o jsonpath='{.status.healthy}{\"\\n\"}'\n ```\n\n It should display `status.healthy` field set to `true`.\n4. Verify that the new custom timeout has been applied to the target webhooks:\n\n ```\n kubectl get mutatingwebhookconfigurations mutating-webhook.cnrm.cloud.google.com -o jsonpath='{.webhooks[?(@.name==\"container-annotation-handler.cnrm.cloud.google.com\")].timeoutSeconds}{\"\\n\"}'\n ```\n\n Applying the customization could take a few minutes."]]