-
Notifications
You must be signed in to change notification settings - Fork 69
Multi Tenancy Roadmap
Xiaoning Ding edited this page May 12, 2020
·
52 revisions
This section lists a brief overview of the release theme of each milestone, and the key features delivered by the milestone.
The details of each milestone and the execution status are listed in the next section.
| Milestone | Theme & Key Features |
|---|---|
| 130 | Initial features (tenant object & tenant space) |
| 330 | Cluster Virtualization & Access Control |
| 430 | Multi-tenancy controllers and CRD isolation |
| 530 | Multi-tenancy networking & Multi-tenancy controllers |
| 630 | Multi-tenancy networking |
| Post 630 | P2 Features (tenant-level rate limiting, cross-tenant access, etc) |
- New API object "tenant" in system space
- TenantName in ObjectMeta type.
- Key path of the resources in etcd with tenant
- Self-links with tenant info included
- Tenant resource url resolution and access control
- Client-go changes to support tenancy
- Tenancy-aware scheduler
- Tenancy-aware replicaSet controller
- Tenancy-aware deployment controller
- Support Kata to provide OS kernel isolation
- Short path for tenant space resources in endpoint handler
- Tenancy-aware certificate authenticator
- Tenancy-aware token authenticator
- Tenancy-aware RBAC authorizer
- Tenant context in kube-config
- Tenancy-level API resource discovery
- Add tenant controller
- CRD Isolation among tenants
- Tenancy-aware job controller
- Tenancy-aware volume (pv/pvc) controller
- Tenancy-aware scheduler & kubelet for volume control
- New API object "network"
- Multi-tenancy CRD resource discovery
- Default tenant role binding
- Tenancy-aware statefulSet controller
- Remaining controllers for multi-tenancy: daemonset, resource quota, service, gc, replication
- Service/Endpoints design proposal
- tenant controller to bootstrap default network
- Flat network type: network controller adaption
- Flat network type: CNI adaption
- Neutron network type: network controller adaption
- Neutron network type: CNI adaption
- Stabilization Improvement
- Tenant-level Resource quota
- Admission controller to block certain tenant resources: node, daemonSet
- Service/endpoints controller
- Kubernetes service & its endpoints
- DNS service & deployment
- Flat network: kube-proxy adaption
- Tenant-level rate limiting
- Tenant-level usage metrics/statistics
- Cross-tenant access