README
¶
Hierarchical Namespaces (HNS)
HNS is built to allow for easier multi-tenancy in OpenShift clusters, containing a set of CRDs and controllers that allow users to create namespaces without needing cluster-level permission to create namespaces, with each namespace having a quota associated to it.
Using HNS
Prerequisites
In order to use HNS, you need to have:
- An operating OpenShift cluster of version 4.x.
cert-managerinstalled on the cluster.- At least 3 nodes with an
infrataint and without amastertaint (HNSruns by default oninfranodes)
Build
To build the HNS controller, login into an image registry, and run:
$ make docker-build docker-push IMG=<image_registry>/<image_name>:<image_tag>
Deploy
To build the HNS controller, login into an operational OpenShift cluster and run:
$ make deploy IMG=<image_registry>/<image_name>:<image_tag>
Test
To test the HNS controller, login into an operational OpenShift cluster and run:
$ make test-e2e
CRDs
-
Subnamespace: Represents a namespace in a hierarchy. EachSubnamespacehas anamespacebound to it which has the same name as theSubnamespace. ASubnamepsacemay also have a quota bound to it. The quota can be either aResourceQuotaobject or aClusterResourceQuotaobject (this depends on the depth in the hierarchy of theSubnamespace) of the same name as theSubnamespace. -
UpdateQuota: A CRD that allows to move resources betweenSubnamespaces. -
MigrationHierarchy: A CRD that allows migrating aSubnamespaceto a different hierarchy.
Directories
¶
| Path | Synopsis |
|---|---|
|
api
|
|
|
v1
Package v1 contains API Schema definitions for the dana v1 API group +kubebuilder:object:generate=true +groupName=dana.hns.io
|
Package v1 contains API Schema definitions for the dana v1 API group +kubebuilder:object:generate=true +groupName=dana.hns.io |
|
internal
|
|
|
test
|
|