README
¶
HostPort Allocator
A Kubernetes Operator to allocate host ports
Overview
Kubernetes host ports are useful for exposing pods directly on the node they are running on. However the overhead of managing allocation and limiting usage on a multi-tenant cluster can be difficult.
HostPort Allocator aims to solve this problem by treating host ports similar to persistent volumes. To use a host port
a HostPortClaim and HostPort must be created, the HostPort will then be allocated a port from a HostPortClass.
Once allocated a Pod can then be created referencing the HostPortClaim via an annotation. The HostPort Allocator
will then allow the pod to use the allocated host port and will automatically modify the pod to have a host port defined
in its ports list.
TODO
- Quota to restrict the number of
HostPortClaimsin a namespace - Qutoa to restrict the number of
HostPortClaimsusing a certainHostPortClassin a namespace - Allow StatefulSets to use a
HostPortClaimTemplateif unique host ports per pod are required
Prerequisites
- Kubernetes
>=1.16.0 - Cert Manager with CAInjector
>=v0.15.2(Optional)- If automatic certificate generation is desired for admission webhooks.
Custom Resource Definitions
-
HostPortClass, which defines a desired class and its pools of ports. -
HostPortClaim, which defines a desired claim for a host port. -
HostPort, which defines a desired allocation for a host port.
Dynamic Admission Control
Custom Resources
To prevent invalid resources from being created or modified an admission webhook is provided.
Pods
To prevent pods from being created with invalid host ports an admission webhook is provided. This webhook only acts on
pods created in namespaces with certain labels, the default label selector is hostport.rmb938.com: "true".
Quickstart
Install Cert Manager
kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v0.15.2/cert-manager.yaml
kubectl wait -n cert-manager --for=condition=Available --timeout=300s deployment cert-manager-webhook
Install HostPort Allocator
kubectl apply -f https://github.com/rmb938/hostport-allocator/releases/download/v0.1.3/hostport-allocator.yaml
kubectl wait -n hostport-allocator --for=condition=Available --timeout=300s deployment hostport-allocator
Usage
- Label the default namespace
kubectl label namespace default "hostport.rmb938.com='true'" - Create a
HostPortClasshostportclass.yaml --- apiVersion: hostport.rmb938.com/v1alpha1 kind: HostPortClass metadata: name: sample spec: pools: - start: 9000 end: 9500kubectl apply -f hostportclass.yaml - Create a
HostPortClaimhostportclaim.yaml --- apiVersion: hostport.rmb938.com/v1alpha1 kind: HostPortClaim metadata: name: echo-web namespace: default spec: hostPortClassName: samplekubectl apply -f hostportclaim.yaml - Create a
Podusing theHostPortClaimpod.yaml --- apiVersion: v1 kind: Pod metadata: name: echo namespace: default annotations: claim.hostport.rmb938.com/web: echo-web spec: containers: - name: echo image: k8s.gcr.io/echoserver:1.4 ports: - name: web containerPort: 8080 env: - name: MY_HOST_PORT valueFrom: fieldRef: fieldPath: metadata.annotations['port.hostport.rmb938.com/web']kubectl apply -f pod.yaml - The
Podwill now be allocated theHostPortcreated by theHostPortClaimand will have an environment variable ofMY_HOST_PORTset to the port that was allocated.
Development
Prerequisites
- Golang
>=1.13 - Docker
- Kind
- Tilt
Running Locally
Testing
Unit Tests
End-to-End Tests
Documentation
¶
There is no documentation for this package.
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
api
|
|
|
v1alpha1
Package v1alpha1 contains API Schema definitions for the hostport v1alpha1 API group +kubebuilder:object:generate=true +groupName=hostport.rmb938.com
|
Package v1alpha1 contains API Schema definitions for the hostport v1alpha1 API group +kubebuilder:object:generate=true +groupName=hostport.rmb938.com |
|
apis
|
|
|
tools
|
|