Skip to content

astrokube/openshift-multitenancy-controller

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
config
config
 
 
deploy
deploy
 
 
hack
hack
 
 
webhooks
webhooks
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
PROJECT
PROJECT
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 

Repository files navigation

OpenShift Multitenancy Controller

OpenShift Multitenancy Controller improves the multitenancy features for OpenShift clusters.

Compatibility

Distribution Min version Max version
OpenShift 4.1 4.7

Usage

OpenShift Routes

Those annotations can be applied to Namespaces in order to restrict the usage of Routes:

Annotation Description Type Default value
openshift.astrokube.io/route-allowed-ip-whitelist List of allowed values for the Route annotation haproxy.router.openshift.io/ip_whitelist. If not set, this rule will be ignored. array(string) null
openshift.astrokube.io/route-forbidden-ip-whitelist List of required values for the Route annotation haproxy.router.openshift.io/ip_whitelist. If not set, this rule will be ignored. array(string) null
openshift.astrokube.io/route-required-ip-whitelist List of forbidden values for the Route annotation haproxy.router.openshift.io/ip_whitelist. If not set, this rule will be ignored. array(string) null

Install

curl https://raw.githubusercontent.com/astrokube/openshift-multitenancy-controller/main/deploy/install.yaml | oc apply -f -

Uninstall

curl https://raw.githubusercontent.com/astrokube/openshift-multitenancy-controller/main/deploy/install.yaml | oc delete -f -

Examples

Force all Routes to have the same IP Whitelist

We want to force all Routes inside the example Namespace to have a fixed IP Whitelist: 10.0.0.0/24 and 10.0.1.100

oc annotate namespace example openshift.astrokube.io/route-required-ip-whitelist=10.0.0.0/24,10.0.1.100
oc annotate namespace example openshift.astrokube.io/route-allowed-ip-whitelist=10.0.0.0/24,10.0.1.100

Restrict all Routes to use only some values for IP Whitelist

We want to allow Routes inside the example Namespace to be allowed to use only some IP/CIDR on IP Whitelist: 10.0.0.0/24 and 10.0.1.100

oc annotate namespace example openshift.astrokube.io/route-allowed-ip-whitelist=10.0.0.0/24,10.0.1.100

Forbid all Routes to use some values for IP Whitelist

We want to forbid all Routes inside the example Namespace to use some IP/CIDR on IP Whitelist: 10.0.0.0/24 and 10.0.1.100

oc annotate namespace example openshift.astrokube.io/route-forbidden-ip-whitelist=10.0.0.0/24,10.0.1.100

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

7 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages