Kubernetes Clusters

Manage Kubernetes Clusters

1 - Import

How to import Kubernetes clusters

Any kind of KubernetesCluster can be imported in the operator. Credentials are stored in Kubernetes Secrets, which the KubernetesCluster collection accesses to connect to the clusters.

Once you have imported the KubernetesCluster, all the resources in the cluster that can be watched will be read by the operator.

Requirements

  • The kubeconfig file to access the cluster

Process

1. Create the Secret

Get the kubeconfig file that can be used to access the cluster, and save it as kubeconfig.yaml.

Then create the Secret with the following command:

kubectl create secret generic source --from-file=kubeconfig.yaml=kubeconfig.yaml

2. Create the KubernetesCluster

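Define the KubernetesCluster object with the following YAML, replacing <secret_name> with the name of the Secret created in the previous step (source in the command above), and save it as cluster.yaml: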

apiVersion: assets.astronetes.io/v1alpha1
kind: KubernetesCluster
metadata:
  name: cluster-1
spec:
  secretName: <secret_name>

Deploy the resource with the following command:

kubectl create -f cluster.yaml

2 - Configurations

Configure the Kubernetes Clusters import

Intro

The import of each KubernetesCluster can be configured with some specific parameters using the .spec.config attribute.

apiVersion: assets.astronetes.io/v1alpha1
kind: KubernetesCluster
metadata:
  name: my-cluster
spec:
  secretName: my-cluster-secret
  config: {}

Limit assigned resources

For each Kubernetes Cluster imported, a new Pod is deployed inside the same Namespace. The resource limits and requests can be set using the .spec.config.resources field.

Example:

apiVersion: assets.astronetes.io/v1alpha1
kind: KubernetesCluster
metadata:
  name: my-cluster
spec:
  secretName: my-cluster-secret
  config:
    resources:
      requests:
        cpu: 1
        memory: 2Gi
      limits:
        cpu: 2
        memory: 2Gi

Filter the watched resources

By default, the operator watches all the resources in the cluster that can be watched. You can filter this list of resources by configuring the .spec.config.selectors field.

Example:

apiVersion: assets.astronetes.io/v1alpha1
kind: KubernetesCluster
metadata:
  name: my-cluster
spec:
  secretName: my-cluster-secret
  config:
    selectors:
      targets:
        - group: ""
          version: v1
          resources:
            - namespaces
            - secrets
            - configmaps
            - serviceaccounts
            - resourcequotas
            - limitranges
            - persistentvolumeclaims
        - group: policy
          version: v1
          resources:
            - poddisruptionbudgets

Concurrency

The concurrency parameter can be used to improve the performance of the operator when listening for changes that happen in the Kubernetes cluster.

Example:

apiVersion: assets.astronetes.io/v1alpha1
kind: KubernetesCluster
metadata:
  name: my-cluster
spec:
  secretName: my-cluster-secret
  config:
    concurrency: 200

3 - API Reference

Configuration details

Config

Customize the integration with a KubernetesCluster

| Field | Description | Type | Required |
|---|---|---|---|
| concurrency | Concurrent processes to be executed to improve performance | int | false |
| logLevel | Log level to be used by the related Pod | string | false |
| observability | Observability configuration | ObservabilityConfig | false |
| resources | Resources to be assigned to the synchronization Pod | ResourceRequirements | false |
| selectors | Filter the list of resources to be watched | KubernetesClusterSelectors | false |

ObservabilityConfig

Configure the synchronization process observability using Prometheus ServiceMonitor

| Field | Description | Type | Required |
|---|---|---|---|
| enabled | Enable the Observability with a Prometheus ServiceMonitor | bool | false |
| interval | Configure the interval in the ServiceMonitor that Prometheus will use to scrape metrics | Duration | false |

Duration

Duration is a wrapper around time.Duration which supports correct marshaling to YAML and JSON. In particular, it marshals into strings, which can be used as map keys in JSON.

| Field | Description | Type | Required |
|---|---|---|---|

KubernetesClusterSelectors

Filter the Kubernetes objects that should be read from the cluster

| Field | Description | Type | Required |
|---|---|---|---|
| objectSelector | Rules to filter Kubernetes objects by ObjectSelector | ObjectSelector | false |
| namespaceSelector | Rules to filter Kubernetes objects by NamespaceSelector | NamespaceSelector | false |
| targets | Kubernetes resources to be used | []GroupVersionResources | false |

ObjectSelector

| Field | Description | Type | Required |
|---|---|---|---|
| nameSelector | Filter objects by their name | NameSelector | false |
| labelSelector | Filter objects by their labels | LabelSelector | false |

NameSelector

Select objects by their name

| Field | Description | Type | Required |
|---|---|---|---|
| includeRegex | Include names that match at least one regex | []string | false |
| excludeRegex | Exclude names that match at least one regex | []string | false |

LabelSelector

A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.

| Field | Description | Type | Required |
|---|---|---|---|
| matchLabels | matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is “key”, the operator is “In”, and the values array contains only “value”. The requirements are ANDed. | map[string]string | false |
| matchExpressions | matchExpressions is a list of label selector requirements. The requirements are ANDed. | []LabelSelectorRequirement | false |

LabelSelectorRequirement

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

| Field | Description | Type | Required |
|---|---|---|---|
| key | key is the label key that the selector applies to. | string | false |
| operator | operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. | LabelSelectorOperator | false |
| values | values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. | []string | false |

LabelSelectorOperator

A label selector operator is the set of operators that can be used in a selector requirement.

| Field | Description | Type | Required |
|---|---|---|---|

NamespaceSelector

| Field | Description | Type | Required |
|---|---|---|---|
| nameSelector | Filter Namespaces by their name | NameSelector | false |
| labelSelector | Filter Namespaces by their labels | LabelSelector | false |

GroupVersionResources

Select a set of GroupVersionResource

| Field | Description | Type | Required |
|---|---|---|---|
| group | Kubernetes resource group. Example: apps | string | false |
| version | Kubernetes resource version. Example: v1 | string | false |
| resources | Kubernetes resource names. Example: deployments | []string | false |