mirror of
https://github.com/clastix/kamaji.git
synced 2026-02-28 16:50:29 +00:00
Compare commits
5 Commits
edge-25.10
...
edge-25.11
| Author | SHA1 | Date | |
|---|---|---|---|
|
081b4c72b3 | ||
|
cb8086754b | ||
|
|
34c02a96f6 | ||
|
f29a10ba5f | ||
|
0656dbb803 |
@@ -14,6 +14,7 @@ Feel free to open a Pull-Request to get yours listed.
|
||||
| Vendor | DCloud | 2024 | [link](https://dcloud.co.id) | DCloud is an Indonesian Cloud Provider using Kamaji to build and offer [Managed Kubernetes Service](https://dcloud.co.id/dkubes.html). |
|
||||
| Vendor | Dinova | 2025 | [link](https://dinova.one/) | Dinova is an Italian cloud services provider that integrates Kamaji in its datacenters to offer fully managed Kubernetes clusters. |
|
||||
| End-user | KINX | 2024 | [link](https://kinx.net/?lang=en) | KINX is an Internet infrastructure service provider and will use kamaji for its new [Managed Kubernetes Service](https://kinx.net/service/cloud/kubernetes/intro/?lang=en). |
|
||||
| Vendor | Netalia | 2025 | [link](https://www.netalia.it) | Netalia uses Kamaji for the Italian cloud
|
||||
| Vendor | Netsons | 2023 | [link](https://www.netsons.com) | Netsons is an Italian hosting and cloud provider and uses Kamaji in its [Managed Kubernetes](https://www.netsons.com/kubernetes) offering. |
|
||||
| Vendor | NVIDIA | 2024 | [link](https://github.com/NVIDIA/doca-platform) | DOCA Platform Framework manages provisioning and service orchestration for NVIDIA Bluefield DPUs. |
|
||||
| R&D | Orange | 2024 | [link](https://gitlab.com/Orange-OpenSource/kanod) | Orange is a French telecommunications company using Kamaji for experimental research purpose, with Kanod research solution. |
|
||||
|
||||
@@ -7,6 +7,7 @@ import (
|
||||
appsv1 "k8s.io/api/apps/v1"
|
||||
corev1 "k8s.io/api/core/v1"
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
"k8s.io/apimachinery/pkg/util/intstr"
|
||||
)
|
||||
|
||||
// NetworkProfileSpec defines the desired state of NetworkProfile.
|
||||
@@ -89,6 +90,32 @@ type KubernetesSpec struct {
|
||||
AdmissionControllers AdmissionControllers `json:"admissionControllers,omitempty"`
|
||||
}
|
||||
|
||||
type AdditionalPort struct {
|
||||
// The name of this port within the Service created by Kamaji.
|
||||
// This must be a DNS_LABEL, must have unique names, and cannot be `kube-apiserver`, or `konnectivity-server`.
|
||||
Name string `json:"name"`
|
||||
// The IP protocol for this port. Supports "TCP", "UDP", and "SCTP".
|
||||
//+kubebuilder:validation:Enum=TCP;UDP;SCTP
|
||||
//+kubebuilder:default=TCP
|
||||
Protocol corev1.Protocol `json:"protocol,omitempty"`
|
||||
// The application protocol for this port.
|
||||
// This is used as a hint for implementations to offer richer behavior for protocols that they understand.
|
||||
// This field follows standard Kubernetes label syntax.
|
||||
// Valid values are either:
|
||||
//
|
||||
// * Un-prefixed protocol names - reserved for IANA standard service names (as per
|
||||
// RFC-6335 and https://www.iana.org/assignments/service-names).
|
||||
AppProtocol *string `json:"appProtocol,omitempty"`
|
||||
// The port that will be exposed by this service.
|
||||
Port int32 `json:"port"`
|
||||
// Number or name of the port to access on the pods of the Tenant Control Plane.
|
||||
// Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
|
||||
// If this is a string, it will be looked up as a named port in the
|
||||
// target Pod's container ports. If this is not specified, the value
|
||||
// of the 'port' field is used (an identity map).
|
||||
TargetPort intstr.IntOrString `json:"targetPort"`
|
||||
}
|
||||
|
||||
// AdditionalMetadata defines which additional metadata, such as labels and annotations, must be attached to the created resource.
|
||||
type AdditionalMetadata struct {
|
||||
Labels map[string]string `json:"labels,omitempty"`
|
||||
@@ -198,6 +225,9 @@ type ControlPlaneExtraArgs struct {
|
||||
|
||||
type ServiceSpec struct {
|
||||
AdditionalMetadata AdditionalMetadata `json:"additionalMetadata,omitempty"`
|
||||
// AdditionalPorts allows adding additional ports to the Service generated Kamaji
|
||||
// which targets the Tenant Control Plane pods.
|
||||
AdditionalPorts []AdditionalPort `json:"additionalPorts,omitempty"`
|
||||
// ServiceType allows specifying how to expose the Tenant Control Plane.
|
||||
ServiceType ServiceType `json:"serviceType"`
|
||||
}
|
||||
|
||||
@@ -57,6 +57,27 @@ func (in *AdditionalMetadata) DeepCopy() *AdditionalMetadata {
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *AdditionalPort) DeepCopyInto(out *AdditionalPort) {
|
||||
*out = *in
|
||||
if in.AppProtocol != nil {
|
||||
in, out := &in.AppProtocol, &out.AppProtocol
|
||||
*out = new(string)
|
||||
**out = **in
|
||||
}
|
||||
out.TargetPort = in.TargetPort
|
||||
}
|
||||
|
||||
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AdditionalPort.
|
||||
func (in *AdditionalPort) DeepCopy() *AdditionalPort {
|
||||
if in == nil {
|
||||
return nil
|
||||
}
|
||||
out := new(AdditionalPort)
|
||||
in.DeepCopyInto(out)
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *AdditionalVolumeMounts) DeepCopyInto(out *AdditionalVolumeMounts) {
|
||||
*out = *in
|
||||
@@ -1351,6 +1372,13 @@ func (in *SecretReference) DeepCopy() *SecretReference {
|
||||
func (in *ServiceSpec) DeepCopyInto(out *ServiceSpec) {
|
||||
*out = *in
|
||||
in.AdditionalMetadata.DeepCopyInto(&out.AdditionalMetadata)
|
||||
if in.AdditionalPorts != nil {
|
||||
in, out := &in.AdditionalPorts, &out.AdditionalPorts
|
||||
*out = make([]AdditionalPort, len(*in))
|
||||
for i := range *in {
|
||||
(*in)[i].DeepCopyInto(&(*out)[i])
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceSpec.
|
||||
|
||||
@@ -6738,6 +6738,56 @@ versions:
|
||||
type: string
|
||||
type: object
|
||||
type: object
|
||||
additionalPorts:
|
||||
description: |-
|
||||
AdditionalPorts allows adding additional ports to the Service generated Kamaji
|
||||
which targets the Tenant Control Plane pods.
|
||||
items:
|
||||
properties:
|
||||
appProtocol:
|
||||
description: |-
|
||||
The application protocol for this port.
|
||||
This is used as a hint for implementations to offer richer behavior for protocols that they understand.
|
||||
This field follows standard Kubernetes label syntax.
|
||||
Valid values are either:
|
||||
|
||||
* Un-prefixed protocol names - reserved for IANA standard service names (as per
|
||||
RFC-6335 and https://www.iana.org/assignments/service-names).
|
||||
type: string
|
||||
name:
|
||||
description: |-
|
||||
The name of this port within the Service created by Kamaji.
|
||||
This must be a DNS_LABEL, must have unique names, and cannot be `kube-apiserver`, or `konnectivity-server`.
|
||||
type: string
|
||||
port:
|
||||
description: The port that will be exposed by this service.
|
||||
format: int32
|
||||
type: integer
|
||||
protocol:
|
||||
default: TCP
|
||||
description: The IP protocol for this port. Supports "TCP", "UDP", and "SCTP".
|
||||
enum:
|
||||
- TCP
|
||||
- UDP
|
||||
- SCTP
|
||||
type: string
|
||||
targetPort:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: |-
|
||||
Number or name of the port to access on the pods of the Tenant Control Plane.
|
||||
Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
|
||||
If this is a string, it will be looked up as a named port in the
|
||||
target Pod's container ports. If this is not specified, the value
|
||||
of the 'port' field is used (an identity map).
|
||||
x-kubernetes-int-or-string: true
|
||||
required:
|
||||
- name
|
||||
- port
|
||||
- targetPort
|
||||
type: object
|
||||
type: array
|
||||
serviceType:
|
||||
description: ServiceType allows specifying how to expose the Tenant Control Plane.
|
||||
enum:
|
||||
|
||||
@@ -6746,6 +6746,56 @@ spec:
|
||||
type: string
|
||||
type: object
|
||||
type: object
|
||||
additionalPorts:
|
||||
description: |-
|
||||
AdditionalPorts allows adding additional ports to the Service generated Kamaji
|
||||
which targets the Tenant Control Plane pods.
|
||||
items:
|
||||
properties:
|
||||
appProtocol:
|
||||
description: |-
|
||||
The application protocol for this port.
|
||||
This is used as a hint for implementations to offer richer behavior for protocols that they understand.
|
||||
This field follows standard Kubernetes label syntax.
|
||||
Valid values are either:
|
||||
|
||||
* Un-prefixed protocol names - reserved for IANA standard service names (as per
|
||||
RFC-6335 and https://www.iana.org/assignments/service-names).
|
||||
type: string
|
||||
name:
|
||||
description: |-
|
||||
The name of this port within the Service created by Kamaji.
|
||||
This must be a DNS_LABEL, must have unique names, and cannot be `kube-apiserver`, or `konnectivity-server`.
|
||||
type: string
|
||||
port:
|
||||
description: The port that will be exposed by this service.
|
||||
format: int32
|
||||
type: integer
|
||||
protocol:
|
||||
default: TCP
|
||||
description: The IP protocol for this port. Supports "TCP", "UDP", and "SCTP".
|
||||
enum:
|
||||
- TCP
|
||||
- UDP
|
||||
- SCTP
|
||||
type: string
|
||||
targetPort:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: |-
|
||||
Number or name of the port to access on the pods of the Tenant Control Plane.
|
||||
Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
|
||||
If this is a string, it will be looked up as a named port in the
|
||||
target Pod's container ports. If this is not specified, the value
|
||||
of the 'port' field is used (an identity map).
|
||||
x-kubernetes-int-or-string: true
|
||||
required:
|
||||
- name
|
||||
- port
|
||||
- targetPort
|
||||
type: object
|
||||
type: array
|
||||
serviceType:
|
||||
description: ServiceType allows specifying how to expose the Tenant Control Plane.
|
||||
enum:
|
||||
|
||||
@@ -27,7 +27,7 @@ Kamaji is an open source Kubernetes Operator that transforms any Kubernetes clus
|
||||
Kamaji leverages Kubernetes Custom Resource Definitions (CRDs) to provide a fully declarative approach to managing control planes, datastores, and other resources.
|
||||
|
||||
- **CNCF Compliance:**
|
||||
Kamaji uses upstream, unmodified Kubernetes components and kubeadm for control plane setup, ensuring that all Tenant Clusters are [CNCF Certified Kubernetes](https://www.cncf.io/certification/software-conformance/) and compatible with standard Kubernetes tooling.
|
||||
Kamaji uses upstream, unmodified Kubernetes components and kubeadm for control plane setup, ensuring that all Tenant Clusters follow [CNCF Certified Kubernetes Software Conformance](https://www.cncf.io/certification/software-conformance/) and are compatible with standard Kubernetes tooling.
|
||||
|
||||
## Extensibility and Integrations
|
||||
|
||||
@@ -54,4 +54,4 @@ Explore the following concepts to understand how Kamaji works under the hood:
|
||||
- [Tenant Worker Nodes](tenant-worker-nodes.md)
|
||||
- [Konnectivity](konnectivity.md)
|
||||
|
||||
Kamaji’s architecture is designed for flexibility, scalability, and operational simplicity, making it an ideal solution for organizations managing multiple Kubernetes clusters at scale.
|
||||
Kamaji’s architecture is designed for flexibility, scalability, and operational simplicity, making it an ideal solution for organizations managing multiple Kubernetes clusters at scale.
|
||||
|
||||
@@ -28609,6 +28609,14 @@ Defining the options for the Tenant Control Plane Service resource.
|
||||
AdditionalMetadata defines which additional metadata, such as labels and annotations, must be attached to the created resource.<br/>
|
||||
</td>
|
||||
<td>false</td>
|
||||
</tr><tr>
|
||||
<td><b><a href="#tenantcontrolplanespeccontrolplaneserviceadditionalportsindex">additionalPorts</a></b></td>
|
||||
<td>[]object</td>
|
||||
<td>
|
||||
AdditionalPorts allows adding additional ports to the Service generated Kamaji
|
||||
which targets the Tenant Control Plane pods.<br/>
|
||||
</td>
|
||||
<td>false</td>
|
||||
</tr></tbody>
|
||||
</table>
|
||||
|
||||
@@ -28645,6 +28653,75 @@ AdditionalMetadata defines which additional metadata, such as labels and annotat
|
||||
</table>
|
||||
|
||||
|
||||
<span id="tenantcontrolplanespeccontrolplaneserviceadditionalportsindex">`TenantControlPlane.spec.controlPlane.service.additionalPorts[index]`</span>
|
||||
|
||||
|
||||
|
||||
|
||||
<table>
|
||||
<thead>
|
||||
<tr>
|
||||
<th>Name</th>
|
||||
<th>Type</th>
|
||||
<th>Description</th>
|
||||
<th>Required</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody><tr>
|
||||
<td><b>name</b></td>
|
||||
<td>string</td>
|
||||
<td>
|
||||
The name of this port within the Service created by Kamaji.
|
||||
This must be a DNS_LABEL, must have unique names, and cannot be `kube-apiserver`, or `konnectivity-server`.<br/>
|
||||
</td>
|
||||
<td>true</td>
|
||||
</tr><tr>
|
||||
<td><b>port</b></td>
|
||||
<td>integer</td>
|
||||
<td>
|
||||
The port that will be exposed by this service.<br/>
|
||||
<br/>
|
||||
<i>Format</i>: int32<br/>
|
||||
</td>
|
||||
<td>true</td>
|
||||
</tr><tr>
|
||||
<td><b>targetPort</b></td>
|
||||
<td>int or string</td>
|
||||
<td>
|
||||
Number or name of the port to access on the pods of the Tenant Control Plane.
|
||||
Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
|
||||
If this is a string, it will be looked up as a named port in the
|
||||
target Pod's container ports. If this is not specified, the value
|
||||
of the 'port' field is used (an identity map).<br/>
|
||||
</td>
|
||||
<td>true</td>
|
||||
</tr><tr>
|
||||
<td><b>appProtocol</b></td>
|
||||
<td>string</td>
|
||||
<td>
|
||||
The application protocol for this port.
|
||||
This is used as a hint for implementations to offer richer behavior for protocols that they understand.
|
||||
This field follows standard Kubernetes label syntax.
|
||||
Valid values are either:
|
||||
|
||||
* Un-prefixed protocol names - reserved for IANA standard service names (as per
|
||||
RFC-6335 and https://www.iana.org/assignments/service-names).<br/>
|
||||
</td>
|
||||
<td>false</td>
|
||||
</tr><tr>
|
||||
<td><b>protocol</b></td>
|
||||
<td>enum</td>
|
||||
<td>
|
||||
The IP protocol for this port. Supports "TCP", "UDP", and "SCTP".<br/>
|
||||
<br/>
|
||||
<i>Enum</i>: TCP, UDP, SCTP<br/>
|
||||
<i>Default</i>: TCP<br/>
|
||||
</td>
|
||||
<td>false</td>
|
||||
</tr></tbody>
|
||||
</table>
|
||||
|
||||
|
||||
<span id="tenantcontrolplanespeccontrolplanedeployment">`TenantControlPlane.spec.controlPlane.deployment`</span>
|
||||
|
||||
|
||||
|
||||
2
go.mod
2
go.mod
@@ -15,7 +15,7 @@ require (
|
||||
github.com/json-iterator/go v1.1.12
|
||||
github.com/juju/mutex/v2 v2.0.0
|
||||
github.com/nats-io/nats.go v1.47.0
|
||||
github.com/onsi/ginkgo/v2 v2.26.0
|
||||
github.com/onsi/ginkgo/v2 v2.27.2
|
||||
github.com/onsi/gomega v1.38.2
|
||||
github.com/pkg/errors v0.9.1
|
||||
github.com/prometheus/client_golang v1.23.2
|
||||
|
||||
8
go.sum
8
go.sum
@@ -87,8 +87,8 @@ github.com/gkampitakis/ciinfo v0.3.2 h1:JcuOPk8ZU7nZQjdUhctuhQofk7BGHuIy0c9Ez8BN
|
||||
github.com/gkampitakis/ciinfo v0.3.2/go.mod h1:1NIwaOcFChN4fa/B0hEBdAb6npDlFL8Bwx4dfRLRqAo=
|
||||
github.com/gkampitakis/go-diff v1.3.2 h1:Qyn0J9XJSDTgnsgHRdz9Zp24RaJeKMUHg2+PDZZdC4M=
|
||||
github.com/gkampitakis/go-diff v1.3.2/go.mod h1:LLgOrpqleQe26cte8s36HTWcTmMEur6OPYerdAAS9tk=
|
||||
github.com/gkampitakis/go-snaps v0.5.14 h1:3fAqdB6BCPKHDMHAKRwtPUwYexKtGrNuw8HX/T/4neo=
|
||||
github.com/gkampitakis/go-snaps v0.5.14/go.mod h1:HNpx/9GoKisdhw9AFOBT1N7DBs9DiHo/hGheFGBZ+mc=
|
||||
github.com/gkampitakis/go-snaps v0.5.15 h1:amyJrvM1D33cPHwVrjo9jQxX8g/7E2wYdZ+01KS3zGE=
|
||||
github.com/gkampitakis/go-snaps v0.5.15/go.mod h1:HNpx/9GoKisdhw9AFOBT1N7DBs9DiHo/hGheFGBZ+mc=
|
||||
github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxIA=
|
||||
github.com/go-errors/errors v1.4.2/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og=
|
||||
github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
|
||||
@@ -257,8 +257,8 @@ github.com/nxadm/tail v1.4.4 h1:DQuhQpB1tVlglWS2hLQ5OV6B5r8aGxSrPc5Qo6uTN78=
|
||||
github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A=
|
||||
github.com/onsi/ginkgo v1.14.2 h1:8mVmC9kjFFmA8H4pKMUhcblgifdkOIXPvbhN1T36q1M=
|
||||
github.com/onsi/ginkgo v1.14.2/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY=
|
||||
github.com/onsi/ginkgo/v2 v2.26.0 h1:1J4Wut1IlYZNEAWIV3ALrT9NfiaGW2cDCJQSFQMs/gE=
|
||||
github.com/onsi/ginkgo/v2 v2.26.0/go.mod h1:qhEywmzWTBUY88kfO0BRvX4py7scov9yR+Az2oavUzw=
|
||||
github.com/onsi/ginkgo/v2 v2.27.2 h1:LzwLj0b89qtIy6SSASkzlNvX6WktqurSHwkk2ipF/Ns=
|
||||
github.com/onsi/ginkgo/v2 v2.27.2/go.mod h1:ArE1D/XhNXBXCBkKOLkbsb2c81dQHCRcF5zwn/ykDRo=
|
||||
github.com/onsi/gomega v1.38.2 h1:eZCjf2xjZAqe+LeWvKb5weQ+NcPwX84kqJ0cZNxok2A=
|
||||
github.com/onsi/gomega v1.38.2/go.mod h1:W2MJcYxRGV63b418Ai34Ud0hEdTVXq9NW9+Sx6uXf3k=
|
||||
github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
|
||||
|
||||
@@ -98,14 +98,37 @@ func (r *KubernetesServiceResource) mutate(ctx context.Context, tenantControlPla
|
||||
"kamaji.clastix.io/name": tenantControlPlane.GetName(),
|
||||
}
|
||||
|
||||
if len(r.resource.Spec.Ports) == 0 {
|
||||
if r.resource.Spec.Ports == nil {
|
||||
r.resource.Spec.Ports = make([]corev1.ServicePort, 1)
|
||||
}
|
||||
|
||||
r.resource.Spec.Ports[0].Name = "kube-apiserver"
|
||||
r.resource.Spec.Ports[0].Protocol = corev1.ProtocolTCP
|
||||
r.resource.Spec.Ports[0].Port = tenantControlPlane.Spec.NetworkProfile.Port
|
||||
r.resource.Spec.Ports[0].TargetPort = intstr.FromInt32(tenantControlPlane.Spec.NetworkProfile.Port)
|
||||
var ports []corev1.ServicePort
|
||||
for i, port := range r.resource.Spec.Ports {
|
||||
switch {
|
||||
case i == 0:
|
||||
port.Name = "kube-apiserver"
|
||||
port.Protocol = corev1.ProtocolTCP
|
||||
port.Port = tenantControlPlane.Spec.NetworkProfile.Port
|
||||
port.TargetPort = intstr.FromInt32(tenantControlPlane.Spec.NetworkProfile.Port)
|
||||
|
||||
ports = append(ports, port)
|
||||
case i == 1 && port.Name == "konnectivity-server":
|
||||
ports = append(ports, port)
|
||||
}
|
||||
}
|
||||
|
||||
for _, port := range tenantControlPlane.Spec.ControlPlane.Service.AdditionalPorts {
|
||||
ports = append(ports, corev1.ServicePort{
|
||||
Name: port.Name,
|
||||
Protocol: port.Protocol,
|
||||
AppProtocol: port.AppProtocol,
|
||||
Port: port.Port,
|
||||
TargetPort: port.TargetPort,
|
||||
NodePort: 0,
|
||||
})
|
||||
}
|
||||
|
||||
r.resource.Spec.Ports = ports
|
||||
|
||||
switch tenantControlPlane.Spec.ControlPlane.Service.ServiceType {
|
||||
case kamajiv1alpha1.ServiceTypeLoadBalancer:
|
||||
|
||||
Reference in New Issue
Block a user