wantedly/k8nskel

Name: k8nskel

Owner: Wantedly, Inc.

Description: Kubernetes Controller to distribute Secrets to new Namespace on Kubernetes.

Created: 2017-08-29 03:00:44.0

Updated: 2017-09-05 07:17:27.0

Pushed: 2018-03-09 16:32:30.0

Homepage:

Size: 21

Language: Go

GitHub Committers

User	Most Recent Commit	# Commits

Other Committers

User	Email	Most Recent Commit	# Commits

README

k8nskel

Kubernetes Controller to distribute Secrets to new Namespace on Kubernetes.

Requirements

• Kubernetes 1.6 or above

Installation

From source

t clone git@github.com:wantedly/k8nskel.git
 k8nskel
ke deps
ke

Docker image

Docker image is available at quay.io/wantedly/k8nskel.

Environment variables

|Name|Description|Default value| |-|-|-| |K8NSKEL_ORIGIN|Name of the namespace from which the secret is copied.|“k8nskel-origin”| |K8NSKEL_IGNORE_DEST|CSV list of namespaces that does not reflect secrets in K8NSKEL_ORIGIN is added/modified/deleted. It is not reflected in K8NSKEL_ORIGIN by default.|“kube-public,kube-system”|

Usage

k8nskel copies all secrets in K8NSKEL_ORIGIN namespace to the new namespace.
Also, when secrets in K8NSKEL_ORIGIN is created/modified/deleted, it reflects its secrets to other namespaces than namespace set toK8NSKEL_IGNORE_DEST.

Workflow example

1. Create K8NSKEL_ORIGIN namespace.

   g.
   bectl create namespace k8nskel-origin
   

2. Create k8nskel deployment.

   g.
   bectl run --rm -i k8nskel --image=quay.io/wantedly/k8nskel:latest
   

3. Create a secret.

   g.
   bectl --namespace k8nskel-origin create secret generic secret1 --from-literal=key1=supersecret
   

4. Create a new namespace.

   g.
   bectl create namespace new-namespace
   

5. Get secrets of new namespace. The secret created earlier should be displayed.

   g.
   bectl --namespace k8nskel-origin get secret
   

6. Add a secret in K8NSKEL_ORIGIN. The same secret should have been added to other namespaces.

   g.
   bectl --namespace k8nskel-origin create secret generic secret2 --from-literal=key2=supersecret
   bectl --namespace new-namespace get secret
   

7. Modify a secret in K8NSKEL_ORIGIN. The same secret should have been modified in other namespaces.

   g.
   bectl --namespace k8nskel-origin edit secret secret2
   bectl --namespace new-namespace describe secret secret2
   

8. Delete a secret in K8NSKEL_ORIGIN. The same secret should have been deleted from other namespaces.

   g.
   bectl --namespace k8nskel-origin delete secret secret2
   bectl --namespace new-namespace get secret
   

Manifest sample

• Namespace manifest sample:

ersion: v1
: Namespace
data:
me: k8nskel-origin

• Deployment manifest sample:

ersion: extensions/v1beta1
: Deployment
data:
me: k8nskel
mespace: k8nskel-origin
bels:
name: k8nskel
:
plicas: 1
mplate:
metadata:
  name: k8nskel
  labels:
    name: k8nskel
spec:
  containers:
    - name: k8nskel
      image: quay.io/wantedly/k8nskel:latest