cluster-api-provider-nested
capsule
cluster-api-provider-nested | capsule | |
---|---|---|
6 | 5 | |
294 | 1,458 | |
0.0% | 1.6% | |
4.7 | 9.3 | |
16 days ago | 4 days ago | |
Go | Go | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
cluster-api-provider-nested
-
Amazon EC2 Enhances Defense in Depth with Default IMDSv2
Kubernetes has a lot of limitations from a multi tenancy perspective.
It's functional, but I think it's not as polished as the rest of Kubernetes which is why Kubernetes has a multi tenancy SIG that spawned the hierarchical namespace controller (https://github.com/kubernetes-sigs/hierarchical-namespaces) and virtual clusters (https://github.com/kubernetes-sigs/cluster-api-provider-nest...)
-
Multi-tenancy in Kubernetes
Virtual Cluster (wg-multitenancy)
-
Any projects to run Kubernetes inside Kubernetes?
Also https://github.com/kubernetes-sigs/cluster-api-provider-nested, similar approach to vcluster, but part of the K8s project.
- cluster-api-provider-nested/virtualcluster at main · kubernetes-sigs/cluster-api-provider-nested
- Kubernetes-in-Kubernetes and the WEDOS PXE bootable server farm
-
Introduction to Multi-Tenancy in Kubernetes
Approach C This approach provides a way to implement hard isolation among Kubernetes tenants who have no trust between them. This provides segregated master plane components for each tenant by creating a mini virtual cluster on the super Kubernetes cluster. Admins can also create custom resources in those virtual clusters as well. This is provided by projects like VirtualCluster and vCluster.
capsule
-
Multi-tenancy in Kubernetes
Capsule
-
How we reduced Kubernetes Clusters Sprawl by adopting Vclusters: An Introduction
At the end is just a tool which helps to achieve multi tenancy(with all pros and cons) in Kubernetes. It takes a different approach from capsule for example as you have a dedicated control plane for each tenant which means you have an isolated api server that you can spin up in a matter of seconds and lets you also achieve better resource utilizations by using the same nodes shared among all tenants
- Is it anti-pattern to have multiple environments under a single namespace?
-
k8s based platform
For multi tenancy you could use this: https://github.com/clastix/capsule
- RBAC for developer self-service?
What are some alternatives?
vcluster - vCluster - Create fully functional virtual Kubernetes clusters - Each vcluster runs inside a namespace of the underlying k8s cluster. It's cheaper than creating separate full-blown clusters and it offers better multi-tenancy and isolation than regular namespaces.
cluster-api-provider-kubevirt - Cluster API Provider for KubeVirt
kiosk - kiosk 🏢 Multi-Tenancy Extension For Kubernetes - Secure Cluster Sharing & Self-Service Namespace Provisioning
kamaji - Kamaji is the Hosted Control Plane Manager for Kubernetes.
cluster-api-provider-openstack
hierarchical-namespaces - Home of the Hierarchical Namespace Controller (HNC). Adds hierarchical policies and delegated creation to Kubernetes namespaces for improved in-cluster multitenancy.
kubeplus - Kubernetes Operator to create multi-instance SaaS from Helm charts using Kubernetes-native APIs
cluster-api-provider-vsphere
loft - Namespace & Virtual Cluster Manager for Kubernetes - Lightweight Virtual Clusters, Self-Service Provisioning for Engineers and 70% Cost Savings with Sleep Mode