This repository contains an experimental provider implementation for multicluster-runtime, a new controller-runtime "addon" that allows writing uniform multi-cluster-aware Kubernetes controllers.
The Gardener provider facilitates interaction with Gardener-managed clusters by watching specific resources and managing short-lived, auto-renewed kubeconfigs for secure access. It supports two operational modes:
- Functionality: The controller communicates with the garden cluster and monitors `core.gardener.cloud/v1beta1.Shoot` resources.
- Authentication: Requests temporary admin kubeconfigs that are short-lived and automatically renewed for secure access to Shoot clusters.
- Use Case: Ideal for managing Shoot resources directly within the garden cluster.

- Functionality: The controller connects to a seed cluster and monitors `extensions.gardener.cloud/v1alpha1.Cluster` resources.
- Authentication: Utilizes the standard cluster-admin kubeconfig provided by the gardenlet, which is also short-lived and auto-renewed.
- Use Case: Suitable for managing Cluster resources within a seed cluster environment.
See examples/gardener for sample code.
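Both modes depend on credentials that expire quickly, so a consumer needs a rule for when to renew them. The sketch below is an added example, not code from this repository: it assumes the kubeconfig carries a PEM client certificate, and the helper names, the constructed sample certificate and the 0.8 renewal fraction are hypothetical.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"fmt"
	"math/big"
	"time"
)

// constructedCert builds a self-signed sample cert (constructed data, stands in for a kubeconfig client cert).
func constructedCert(now time.Time, lifetime time.Duration) ([]byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "constructed-sample"}, NotBefore: now, NotAfter: now.Add(lifetime)}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der}), nil
}

// NeedsRenewal (hypothetical helper) reports whether `fraction` of the cert's validity window has elapsed at now.
func NeedsRenewal(certPEM []byte, now time.Time, fraction float64) (bool, error) {
	block, _ := pem.Decode(certPEM)
	if block == nil || block.Type != "CERTIFICATE" {
		return false, fmt.Errorf("no PEM certificate found")
	}
	cert, err := x509.ParseCertificate(block.Bytes)
	if err != nil {
		return false, err
	}
	if now.Before(cert.NotBefore) || !now.Before(cert.NotAfter) {
		return true, nil // not yet valid or already expired: fetch a fresh credential
	}
	window := cert.NotAfter.Sub(cert.NotBefore)
	return float64(now.Sub(cert.NotBefore)) >= fraction*float64(window), nil
}

func main() {
	now := time.Now().Truncate(time.Second)
	c, _ := constructedCert(now, 10*time.Minute)
	fmt.Println(NeedsRenewal(c, now.Add(9*time.Minute), 0.8)) // 9 of 10 minutes used
}
```

Renewing well before `NotAfter` leaves room for a failed request to be retried while the current credential still works.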
To use the Gardener provider, ensure you have a running Gardener setup and the necessary permissions to access garden and/or seed clusters. Detailed setup and configuration instructions can be found here.
Thanks for taking the time to start contributing!
- Please familiarize yourself with the Code of Conduct before contributing.
- See CONTRIBUTING.md for instructions on the developer certificate of origin that we require.
- We welcome pull requests. Feel free to dig through existing issues and jump in.
This project is licensed under Apache-2.0.