Kiosk server port is not configurable

[juv]

Hi,

I have found out that the Kiosk server port is not configurable at the moment:

kiosk/pkg/apiserver/start.go

Line 147 in 49ff65c

o.RecommendedOptions.SecureServing.BindPort = 8443

Kiosk listens on the default port 8443, which is currently hardcoded.

When using the Helm chart with hostNetwork: true, this will cause issues when other applications already use that port. Kiosk will then crash on startup with the (expected) error:

panic: failed to create listener: failed to listen on 0.0.0.0:8443: listen tcp 0.0.0.0:8443: bind: address already in use

Using the hostNetwork: true is required when using an overlay network (e.g. with WeaveNet, Cilium) and still want admission webhooks to work in environments like AWS EKS. Running the pods in the host network is required because otherwise the API Server managed by EKS is not able to communicate with the pod.

[FabianKramm]

@juv thanks for creating this issue! We'll add an option to make this configurable