Skip to content
/ namespaceclass-operator Public

Kubernetes Operator for managing NamespaceClass resources, automating resource creation and policy enforcement across namespaces in a Kubernetes cluster.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ianstanton/namespaceclass-operator

BranchesTags

Repository files navigation

NamespaceClass Operator

A Kubernetes Operator that manages the lifecycle of a NamespaceClass resource. Built using kubebuilder.

Overview

The NamespaceClass Operator is designed to automate the management of NamespaceClass resources in a Kubernetes cluster. A NamespaceClass defines a set of resources and policies that can be applied to namespaces within the cluster. When a Namespace is labeled with a specific NamespaceClass, the operator ensures that the resources and policies defined in the NamespaceClass are applied to that namespace.

Features

  • Automatically creates and manages resources defined in a NamespaceClass for each namespace that uses it
  • Support for defining any resource type within a NamespaceClass
  • Switching NamespaceClass for a namespace will automatically update the resources in that namespace
  • Updating a NamespaceClass will automatically update the resources in any namespace using that class

Getting Started

This project is in the early stages of development. Here's how you can get started using and developing locally.

Prerequisites

  • Go 1.20 or later
  • Kubernetes cluster (minikube, kind, etc.)
  • kubectl
  • kubebuilder

Running Locally

With your Kubernetes cluster running, you can run the operator locally using the following commands:

  1. Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects
make manifests
  1. Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations
make generate
  1. Install CRDs into the K8s cluster specified in ~/.kube/config
make install
  1. Run the controller from your host
make run
  1. Apply a NamespaceClass CRD to the cluster Example CRD:
apiVersion: stanton.sh/v1
kind: NamespaceClass
metadata:
  labels:
    app.kubernetes.io/name: namespace-class
  name: namespaceclass-sample
spec:
  resources:
    - apiVersion: v1
      kind: ConfigMap
      metadata:
        name: configmap-sample
      namespace: default
    - apiVersion: v1
      kind: Secret
      metadata:
        name: secret-sample
    - apiVersion: apps/v1
      kind: Deployment
      metadata:
        name: deployment-sample
      spec:
        replicas: 1
        selector:
          matchLabels:
            app: deployment-sample
        template:
          metadata:
            labels:
              app: deployment-sample
          spec:
            containers:
              - name: nginx
                image: nginx:latest
                ports:
                  - containerPort: 80
kubectl apply -f config/samples/nsclass-sample.yaml
  1. Create a Namespace and label it with the NamespaceClass
apiVersion: v1
kind: Namespace
metadata:
  name: sample
  labels:
    namespaceclass.stanton.sh/name: namespaceclass-sample
kubectl apply -f config/samples/ns-sample.yaml
  1. Verify that the resources defined in the NamespaceClass have been created in the sample namespace
kubectl get configmap,secret,deployment -n sample
NAME                         DATA   AGE
configmap/configmap-sample   0      54s
configmap/kube-root-ca.crt   1      54s

NAME                   TYPE     DATA   AGE
secret/secret-sample   Opaque   0      54s

NAME                                READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/deployment-sample   1/1     1            1           54s

About

Kubernetes Operator for managing NamespaceClass resources, automating resource creation and policy enforcement across namespaces in a Kubernetes cluster.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages