Comments (2)
There has not been any activity to this issue in the last 14 days. It will automatically be closed after 7 more days. Remove the stale
label to prevent this.
from kubernetes-replicator.
Thanks for the report 👍 and sorry for the late response. 🙄🙏 This might be one of these issues that are more complicated than they first appear. 🤯 Some thoughts:
- The entire replicator was designed with the goal in mind to replicates resources across namespaces. By definition, it'll need read/write access to multiple namespaces for that. Using the replicator in a single namespace was never the intended use case, since in that case you won't need it for most of the use cases it was designed to solve.
- Apart from using a
ClusterRoleBinding
to grant access to all namespaces, granting access to a select subset of namespaces should also be possible using aClusterRole
(or multipleRole
s in different namespaces) with different namespacedRoleBindings
. - HOWEVER, the replicator in its current state won't play along with that, because it sets up its informers using un-namespaced
WATCH
andLIST
calls to the replicated resources (like the configmap replicator here), which still require cluster-wide access. To support multiple-namespaces, the replicator would need to be refactored to use multiple informers (one for each namespace), which would further complicate replication logic.
Realistically, I don't see us finding the resources to implement a major change like this one anytime soon. However, PRs are always welcome. 🙂
from kubernetes-replicator.
Related Issues (20)
- Allow replication of only certain keys
- Publishing a new Helm Chart version HOT 1
- New Release Timeline? HOT 1
- How to reduce log level to warning from info HOT 10
- how often does the controller check secrets for changes and re-synch? HOT 1
- Allow setting an arbitrary name for the copied Secret resource
- Configurable object types only being replicated HOT 4
- Replication fails randomly on different namespaces during initial startup
- ServiceAccount replication doesn't preserve annotations HOT 1
- Secrets has been deployed with khelm and ArgoCD wants to delete it
- Support replication for Custom Resource
- Proposal: "Pull-based" Replication Using Service Account for Kubernetes-Replicator
- Question Regarding Kubernetes-Replicator's Version Support Policy HOT 1
- fix: secret is replicated to only partial namespaces HOT 1
- secret tls not replicated HOT 2
- not reliable replication
- Allow to disable secret overwrite. Use annotation to protect original values of existing secret in target namespace HOT 1
- Replicatior keep track of removed secrets and loop for wildcard regex in replication-allowed-namespaces.
- Failed to watch secrets: Stream Error
- Helm chart down? HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from kubernetes-replicator.