feat: proxy mode use traffic-manager pod image (#635)

pkg/webhook/main.go

@@ -5,7 +5,6 @@ import (
 	"crypto/tls"
 	"fmt"
 	"net/http"
-	"os"
 
 	"golang.org/x/net/http2"
 	"golang.org/x/net/http2/h2c"
@@ -14,9 +13,8 @@ import (
 	"google.golang.org/grpc/health"
 	"google.golang.org/grpc/health/grpc_health_v1"
 	"google.golang.org/grpc/reflection"
-	"k8s.io/kubectl/pkg/cmd/util"
+	"k8s.io/client-go/kubernetes"
 
-	"github.com/wencaiwulue/kubevpn/v2/pkg/config"
 	"github.com/wencaiwulue/kubevpn/v2/pkg/daemon"
 	"github.com/wencaiwulue/kubevpn/v2/pkg/dhcp"
 	"github.com/wencaiwulue/kubevpn/v2/pkg/dhcp/rpc"
@@ -24,14 +22,8 @@ import (
 	putil "github.com/wencaiwulue/kubevpn/v2/pkg/util"
 )
 
-func Main(f util.Factory) error {
-	clientset, err := f.KubernetesClientSet()
-	if err != nil {
-		return err
-	}
-
-	ns := os.Getenv(config.EnvPodNamespace)
-	h := &admissionReviewHandler{f: f, clientset: clientset, ns: ns}
+func Main(manager *dhcp.Manager, clientset *kubernetes.Clientset) error {
+	h := &admissionReviewHandler{dhcp: manager}
 	http.HandleFunc("/pods", func(w http.ResponseWriter, r *http.Request) {
 		serve(w, r, newDelegateToV1AdmitHandler(h.admitPods))
 	})

pkg/webhook/mutateadmissionwebhook.go

@@ -12,19 +12,16 @@ import (
 	"k8s.io/api/admission/v1beta1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
-	"k8s.io/client-go/kubernetes"
-	cmdutil "k8s.io/kubectl/pkg/cmd/util"
 	"k8s.io/utils/ptr"
 
+	"github.com/wencaiwulue/kubevpn/v2/pkg/dhcp"
 	plog "github.com/wencaiwulue/kubevpn/v2/pkg/log"
 )
 
 // admissionReviewHandler is a handler to handle business logic, holding an util.Factory
 type admissionReviewHandler struct {
 	sync.Mutex
-	f         cmdutil.Factory
-	ns        string
-	clientset *kubernetes.Clientset
+	dhcp *dhcp.Manager
 }
 
 // admitv1beta1Func handles a v1beta1 admission

pkg/webhook/pods.go

@@ -16,7 +16,6 @@ import (
 	"k8s.io/utils/ptr"
 
 	"github.com/wencaiwulue/kubevpn/v2/pkg/config"
-	"github.com/wencaiwulue/kubevpn/v2/pkg/dhcp"
 	plog "github.com/wencaiwulue/kubevpn/v2/pkg/log"
 	"github.com/wencaiwulue/kubevpn/v2/pkg/util"
 )
@@ -85,8 +84,6 @@ func (h *admissionReviewHandler) handleCreate(ar v1.AdmissionReview) *v1.Admissi
 	// 2) release old ip
 	h.Lock()
 	defer h.Unlock()
-	mapInterface := h.clientset.CoreV1().ConfigMaps(util.If(h.ns != "", h.ns, ar.Request.Namespace))
-	manager := dhcp.NewDHCPManager(mapInterface, util.If(h.ns != "", h.ns, ar.Request.Namespace))
 	var ips []net.IP
 	for k := 0; k < len(container.Env); k++ {
 		envVar := container.Env[k]
@@ -96,11 +93,11 @@ func (h *admissionReviewHandler) handleCreate(ar v1.AdmissionReview) *v1.Admissi
 			}
 		}
 	}
-	_ = manager.ReleaseIP(context.Background(), ips...)
+	_ = h.dhcp.ReleaseIP(context.Background(), ips...)
 
 	// 3) rent new ip
 	var v4, v6 *net.IPNet
-	v4, v6, err = manager.RentIP(context.Background())
+	v4, v6, err = h.dhcp.RentIP(context.Background())
 	if err != nil {
 		plog.G(context.Background()).Errorf("Rent IP random failed: %v", err)
 		return toV1AdmissionResponse(err)
@@ -185,8 +182,7 @@ func (h *admissionReviewHandler) handleDelete(ar v1.AdmissionReview) *v1.Admissi
 	if len(ips) != 0 {
 		h.Lock()
 		defer h.Unlock()
-		mapInterface := h.clientset.CoreV1().ConfigMaps(util.If(h.ns != "", h.ns, ar.Request.Namespace))
-		err := dhcp.NewDHCPManager(mapInterface, util.If(h.ns != "", h.ns, ar.Request.Namespace)).ReleaseIP(context.Background(), ips...)
+		err := h.dhcp.ReleaseIP(context.Background(), ips...)
 		if err != nil {
 			plog.G(context.Background()).Errorf("Failed to release IP %v to DHCP server: %v", ips, err)
 		} else {