GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → yahoo → K8s Ingress Claim

yahoo / K8s Ingress Claim

Licence: other
An admission control policy that safeguards against accidental duplicate claiming of Hosts/Domains.

Programming Languages

go
31211 projects - #10 most used programming language
golang
3204 projects

Labels

kubernetesbig-dataingress

Projects that are alternatives of or similar to K8s Ingress Claim

Sciblog support
Support content for my blog
Stars: ✭ 694 (+4857.14%)
Mutual labels:  big-data
Hadoop For Geoevent
ArcGIS GeoEvent Server sample Hadoop connector for storing GeoEvents in HDFS.
Stars: ✭ 5 (-64.29%)
Mutual labels:  big-data
Hazelcast Jet
Distributed Stream and Batch Processing
Stars: ✭ 855 (+6007.14%)
Mutual labels:  big-data
Spark Movie Lens
An on-line movie recommender using Spark, Python Flask, and the MovieLens dataset
Stars: ✭ 745 (+5221.43%)
Mutual labels:  big-data
Parquet Format
Apache Parquet
Stars: ✭ 800 (+5614.29%)
Mutual labels:  big-data
Pyspark Setup Demo
Demo of PySpark and Jupyter Notebook with the Jupyter Docker Stacks
Stars: ✭ 24 (+71.43%)
Mutual labels:  big-data
Gimbal
Gimbal is an ingress load balancing platform capable of routing traffic to multiple Kubernetes and OpenStack clusters. Built by Heptio in partnership with Actapio.
Stars: ✭ 637 (+4450%)
Mutual labels:  ingress
Dremio Oss
Dremio - the missing link in modern data
Stars: ✭ 862 (+6057.14%)
Mutual labels:  big-data
Sqoop
Mirror of Apache Sqoop
Stars: ✭ 817 (+5735.71%)
Mutual labels:  big-data
Dataflowjavasdk
Google Cloud Dataflow provides a simple, powerful model for building both batch and streaming parallel data processing pipelines.
Stars: ✭ 854 (+6000%)
Mutual labels:  big-data
Storm
Mirror of Apache Storm
Stars: ✭ 6,297 (+44878.57%)
Mutual labels:  big-data
Titanoboa
Titanoboa makes complex workflows easy. It is a low-code workflow orchestration platform for JVM - distributed, highly scalable and fault tolerant.
Stars: ✭ 787 (+5521.43%)
Mutual labels:  big-data
Pretzel
Javascript full-stack framework for Big Data visualisation and analysis
Stars: ✭ 26 (+85.71%)
Mutual labels:  big-data
Cython
The most widely used Python to C compiler
Stars: ✭ 6,588 (+46957.14%)
Mutual labels:  big-data
Accumulo
Apache Accumulo
Stars: ✭ 857 (+6021.43%)
Mutual labels:  big-data
Samza
Mirror of Apache Samza
Stars: ✭ 676 (+4728.57%)
Mutual labels:  big-data
Bandar Log
Monitoring tool to measure flow throughput of data sources and processing components that are part of Data Ingestion and ETL pipelines.
Stars: ✭ 19 (+35.71%)
Mutual labels:  big-data
Phoenix
Mirror of Apache Phoenix
Stars: ✭ 867 (+6092.86%)
Mutual labels:  big-data
Sparkjni
A heterogeneous Apache Spark framework.
Stars: ✭ 11 (-21.43%)
Mutual labels:  big-data
Autodl
Automated Deep Learning without ANY human intervention. 1'st Solution for AutoDL [email protected]
Stars: ✭ 854 (+6000%)
Mutual labels:  big-data
View All Similar Projects ➔

k8s-ingress-claim

Description

k8s-ingress-claim provides an admission control policy that safeguards against accidental duplicate claiming of Hosts/Domains by ingresses that have already been claimed by existing ingresses.

Implementation

This is implemented as an External Admission Webhook with the k8s-ingress-claim service running as a deployment on each cluster.

The webhook is configured to send admission review requests for CREATE and UPDATE operations on ingress resources to the k8s-ingress-claim service. The k8s-ingress-claim service listens on a HTTPS port and on receiving such requests, it resolves the ingress claim provider for the new ingress resource and the provider implementation validates that no other existing ingresses own the hosts/domains being claimed. Every ingress claim provider may implement the validation to make sure the domain claims conform to its routing policies.

This repository includes the domain claim validation check implementations for two ingress claim providers:

  • Apache Traffic Server
  • Istio

The example implementations on this repository assume that the ingresses claim domains on a FCFS basis.

The admission webhook service also provides a ValidateSemantics interface for the ingress claim provider to perform provider specific semantic validation checks to ensure the ingress resources spec conform to policy specifications.

Basic Dev Setup

  1. Git clone to your local directory.
  2. Build binary:
    • Mac os: go build -i -o k8s-ingress-claim
    • Rhel: env GOOS=linux GOARCH=386 go build -i -o k8s-ingress-claim
  3. Run binary: ./k8s-ingress-claim.
  4. Follow standard Go code format: gofmt -w *.go

Command Line Parameters

Usage of k8s-ingress-claim:
  -admitAll
    	True to admit all ingress without validation.
  -alsologtostderr
    	log to standard error as well as files
  -certFile string
    	The cert file for the https server. (default "/etc/ssl/certs/ingress-claim/server.crt")
  -clientAuth
    	True to verify client cert/auth during TLS handshake.
  -clientCAFile string
    	The cluster root CA that signs the apiserver cert (default "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt")
  -keyFile string
    	The key file for the https server. (default "/etc/ssl/certs/ingress-claim/server-key.pem")
  -logFile string
    	Log file name and full path. (default "/var/log/ingress-claim.log")
  -logLevel string
    	The log level. (default "info")
  -port string
    	HTTPS server port. (default "443")

Copyright 2017 Yahoo Holdings Inc. Licensed under the terms of the 3-Clause BSD License.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].