Skip to content

eck webhook default value clarified #6734

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
eedugon merged 4 commits into from
Jun 1, 2026
Merged

eck webhook default value clarified #6734

Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
1ebe565
eck webhook default value clarified
eedugon May 27, 2026
f3a39f8
suggestions implemented
eedugon Jun 1, 2026
bed64e4
Update deploy-manage/deploy/cloud-on-k8s/configure-validating-webhook.md
eedugon Jun 1, 2026
2bd750e
Merge branch 'main' into eck_enable_webhook
eedugon Jun 1, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 2 additions & 3 deletions deploy-manage/deploy/cloud-on-k8s/configure-validating-webhook.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@

## Defaults provided by ECK [k8s-webhook-defaults]

When using the default `operator.yaml` manifest, ECK is installed with a `ValidatingWebhookConfiguration` configured as follows:
When installing ECK using the [`operator.yaml` manifest](install-using-yaml-manifest-quickstart.md) or the [Helm chart](install-using-helm-chart.md) with default values, ECK is installed with a `ValidatingWebhookConfiguration` configured as follows:

* Validate all known Elastic custom resources ({{eck_resources_list}}) on create and update.
* The operator itself is the webhook server — which is exposed through a service named `elastic-webhook-server` in the `elastic-system` namespace.
Expand All @@ -45,14 +45,13 @@

| Configuration option | Default value | Description |
| --- | --- | --- |
| `enable-webhook` | false | This must be set to `true` to enable the webhook server. |
| `enable-webhook` | false | Set to `true` to enable the webhook server.<br><br>Although the operator default is `false`, the standard ECK installation manifests and Helm chart explicitly set it to `true`. |
| `manage-webhook-certs` | true | Set to `false` to disable auto-generating the certificate for the webhook. If disabled, you must provide your own certificates using one of the methods described later in this document. |

Check notice on line 49 in deploy-manage/deploy/cloud-on-k8s/configure-validating-webhook.md

View workflow job for this annotation

GitHub Actions / build / vale 

Elastic.WordChoice: Consider using 'deactivated, deselected, hidden, turned off, unavailable' instead of 'disabled', unless the term is in the UI.

Check notice on line 49 in deploy-manage/deploy/cloud-on-k8s/configure-validating-webhook.md

View workflow job for this annotation

GitHub Actions / build / vale 

Elastic.WordChoice: Consider using 'deactivate, deselect, hide, turn off' instead of 'disable', unless the term is in the UI.
| `webhook-cert-dir` | /tmp/k8s-webhook-server/serving-certs | Path to mount the certificate. |
| `webhook-name` | elastic-webhook.k8s.elastic.co | Name of the `ValidatingWebhookConfiguration` resource. |
| `webhook-secret` | elastic-webhook-server-cert | Name of the secret containing the certificate for the webhook server. |
| `webhook-port` | 9443 | Port to listen for incoming validation requests. |


### Using your own certificates [k8s-webhook-existing-certs]

This section describes how you can use your own certificates for the webhook instead of letting the operator manage them automatically. There are a few important things to be aware of when going down this route:
Expand Down
Loading