kube-resource-relabel-webhook docs
Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Back to homepage
  2. /
  3. Configuration
  4. /
  5. Rules
Edit page

Rules

Relabel Rules consist of Conditions and Actions. If all conditions are met, then the actions are performed.

Name Type Description
name string A unique name for the rule. Used mainly for debugging
conditions condition[] The list of conditions that must be satisfied for this rule
actions action[] The list of actions that will be performed when conditions are met

Add karpenter eviction prevention to airflow pods.

name: "airflow-k8s-pod-operator-do-not-evict"
conditions:
  - type: is-type
    value:
      kind: pod
      version: v1
  - type: has-label
    value:
      keys:
        - dag_id
actions:
  - type: ensure-annotation
    value:
      karpenter.sh/do-not-evict: "true"

Ensure that label based logging systems have the correct label.

name: "cleanup-fluentd-labels"
conditions:
  - type: is-type
    value:
      kind: pod
      version: v1
  - type: has-annotation
    value:
      match:
        fluentd.active: "true"
actions:
  - type: ensure-label
    value:
      fluentd.active: "true"
Name Type Description
type string Type of condition
value any Condition configuration. This changes per condition type

Ensure the resource is a pod.

type: is-type
value:
  kind: pod
  version: v1

Check that a resource has a label key

type: has-label
value:
  keys:
    - dag_id

Check if a resource has an exact annotation match

type: has-annotation
value:
  match:
    fluentd.active
Name Type Description
type string Type of action
value any Action configuration. This changes per action type

Ensure the resource has a label

type: ensure-label
value:
  fluentd.active: "true"

Ensure the resource has an annotation

type: ensure-annotation
value:
  nginx.ingress.kubernetes.io/default-backend: some-svc

Condition Types

type: is-type

Values Schema

Name Type Descripton
group string The kubernetes api group
version string The kubernetes api version
kind string The kubernetes resource kind

About

Check if the resource is of a specific kubernetes type. Missing / empty fields always evaluate to true.

Ensure the resource is a pod.

type: is-type
value:
  kind: pod
  version: v1

Any ingress resource.

type: is-type
value:
  kind: ingress

All Istio networking resources

type: is-type
value:
  group: networking.istio.io

type: has-annotation

Values Schema

Name Type Descripton
keys string[] Match on annotation keys
values string[] Match on annotation values
kind map[string]string Exact key:value annotation matches

About

Check if the resource has specific annotations. Empty or null values are ignored.

Exact key-value match

type: has-annotation
value:
  match:
    fluentd.active: "true"

Match on annotation key

type: has-annotation
value:
  keys:
    - fluentd.active

Match on annotation value

type: has-annotation
value:
  values:
    - "true"

type: has-label

Values Schema

Name Type Descripton
keys string[] Match on label keys
values string[] Match on label values
kind map[string]string Exact key:value label matches

About

Check if the resource has specific labels. Empty or null values are ignored.

Exact key-value match

type: has-label
value:
  match:
    fluentd.active: "true"

Match on label key

type: has-label
value:
  keys:
    - fluentd.active

Match on label value

type: has-label
value:
  values:
    - "true"

Actions

type: ensure-annotation

Values: map[string]string

About

Apply the given annotations to the object

Exact key-value match

type: ensure-annotation
value:
  karpenter.sh/do-not-evict: "true"

type: ensure-label

Values: map[string]string

About

Apply the given labels to the object

Exact key-value match

type: ensure-label
value:
  fluentd.active: "true"