Skip to content

Commit eb9500b

Browse files
committed
Update docs for v0.5
Signed-off-by: Mangirdas Judeikis <mangirdas@judeikis.lt> On-behalf-of: @SAP mangirdas.judeikis@sap.com
1 parent ab03f00 commit eb9500b

13 files changed

Lines changed: 424 additions & 27 deletions

File tree

README.md

Lines changed: 14 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -62,23 +62,27 @@ All the actions shown between the clusters are done by the konnector, except: th
6262

6363
To get familiar with setting up the environment, please check out docs at [kube-bind.io](https://docs.kube-bind.io/main/setup).
6464

65-
## API Changes in coming v0.5.0 release
65+
## API Changes in v0.5.0 release
6666

6767
Version v0.5.0 includes significant architectural improvements to the API structure:
6868

6969
### Major Changes
7070

71-
- **API Version Upgrade**: Introduced `v1alpha2` API version with improved stability and features
72-
- **Service Exposure Refactoring**: Completely refactored the service exposure mechanism to use:
73-
- `APIResourceSchema`: Define the schema of exported CRDs, allowing one APIServiceExport to reference multiple CRDs.
74-
- `BoundAPIResourceSchema`: Represent bound schemas in consumer clusters and underlying status of synced resources.
71+
- **API Version Upgrade**: Introduced `v1alpha2` API version alongside existing `v1alpha1`
72+
- **Service Exposure Refactoring**: Refactored the service exposure mechanism from embedded CRD specifications to a resource-based model:
73+
- `APIServiceExportSpec` now uses `Resources []APIServiceExportResource` instead of embedded CRD specs
74+
- `BoundSchema`: New resource type in `v1alpha2` that represents bound schemas in consumer clusters and tracks the status of synced resources
75+
- This allows one APIServiceExport to reference multiple CRDs more efficiently
76+
77+
### Backend Architecture Improvements
78+
79+
- **MultiCluster Runtime Integration**: The backend now leverages `sigs.k8s.io/multicluster-runtime` for enhanced cluster management capabilities
80+
- **Provider Support**: Built-in support for multiple backend providers including KCP through `github.com/kcp-dev/multicluster-provider`
81+
- **Enhanced Cluster Operations**: Improved cluster-aware resource management with dedicated manager architecture for handling multi-cluster scenarios
7582

7683
### Limitations
7784

7885
These limitations are part of the roadmap and will be addressed in the future.
7986

80-
* Currently we don't support related resources, like ConfigMaps, Secrets
81-
* Currently CRD resources MUST be installed in the provider cluster, even when APIResourceSchema is used.
82-
This is to allow the konnector to sync instances of the CRD to the consumer cluster.
83-
This should be removed once we introduce sync policies and object wrappers.
84-
* Currently we dont support granular permissions, like only allow to read/write certain named resources.
87+
* Currently we don't support related resources, like ConfigMaps, Secrets.
88+
* We don't support lifecycle of `BoundSchema` resources, like schema changes.

contrib/kcp/deploy/resources/apiexport-kube-bind.io.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -74,7 +74,7 @@ spec:
7474
crd: {}
7575
- group: kube-bind.io
7676
name: clusterbindings
77-
schema: v250809-5ed76a1.clusterbindings.kube-bind.io
77+
schema: v250924-ab03f00.clusterbindings.kube-bind.io
7878
storage:
7979
crd: {}
8080
status: {}

contrib/kcp/deploy/resources/apiresourceschema-clusterbindings.kube-bind.io.yaml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@ apiVersion: apis.kcp.io/v1alpha1
22
kind: APIResourceSchema
33
metadata:
44
creationTimestamp: null
5-
name: v250809-5ed76a1.clusterbindings.kube-bind.io
5+
name: v250924-ab03f00.clusterbindings.kube-bind.io
66
spec:
77
conversion:
88
strategy: None
@@ -32,8 +32,8 @@ spec:
3232
name: v1alpha1
3333
schema:
3434
description: |-
35-
ClusterBinding represents a bound consumer cluster. It lives in a service
36-
provider cluster and is a singleton named "cluster" per namespace.
35+
ClusterBinding represents a bound consumer class. It lives in a service provider cluster
36+
and is a singleton named "cluster".
3737
properties:
3838
apiVersion:
3939
description: |-

deploy/crd/kube-bind.io_clusterbindings.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -34,8 +34,8 @@ spec:
3434
schema:
3535
openAPIV3Schema:
3636
description: |-
37-
ClusterBinding represents a bound consumer cluster. It lives in a service
38-
provider cluster and is a singleton named "cluster" per namespace.
37+
ClusterBinding represents a bound consumer class. It lives in a service provider cluster
38+
and is a singleton named "cluster".
3939
properties:
4040
apiVersion:
4141
description: |-
Lines changed: 64 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1 +1,65 @@
11
# Backend
2+
3+
The kube-bind backend provides service export and binding capabilities for single Kubernetes clusters acting as backend or many clusters with support for multiple cluster providers through the multicluster-runtime architecture.
4+
5+
## Architecture
6+
7+
Starting with v0.5.0, the backend leverages `sigs.k8s.io/multicluster-runtime` for enhanced cluster management capabilities.
8+
9+
### Key Components
10+
11+
- **MultiCluster Runtime Integration**: Built on `sigs.k8s.io/multicluster-runtime` for provider-agnostic cluster operations
12+
- **Provider Support**: Extensible provider system supporting different backend implementations
13+
- **Manager Architecture**: Uses `mcmanager.Manager` for cluster-aware resource management
14+
15+
### Supported Providers
16+
17+
- **Default Provider**: Standard Kubernetes cluster support
18+
- **KCP Provider**: Integration with [kcp](https://github.com/kcp-dev/kcp) through `github.com/kcp-dev/multicluster-provider`
19+
20+
## Configuration
21+
22+
The backend can be configured to use different providers:
23+
24+
```bash
25+
./bin/backend \
26+
--multicluster-runtime-provider kcp \
27+
--server-url=$(kubectl get apiexportendpointslice kube-bind.io -o jsonpath="{.status.endpoints[0].url}") \
28+
# ... other options
29+
```
30+
31+
### Provider Configuration
32+
33+
#### KCP Provider
34+
35+
When using the KCP provider (`--multicluster-runtime-provider kcp`), the backend:
36+
37+
- Connects to kcp workspaces through APIExports
38+
- Manages resources across logical clusters
39+
- Supports advanced multi-tenancy features
40+
- Enables workspace-based isolation
41+
42+
#### Default Provider
43+
44+
The default provider works with standard Kubernetes clusters and provides:
45+
46+
- Direct cluster connectivity
47+
- Namespace-based isolation
48+
- Standard RBAC integration
49+
50+
## API Changes
51+
52+
The backend now supports the v1alpha2 API with significant architectural improvements:
53+
54+
- **Resource-Based Exports**: APIServiceExport now uses resource references instead of embedded CRDs
55+
- **BoundSchema Support**: Integration with BoundSchema resources for better schema management
56+
- **Multi-Resource Support**: Single exports can reference multiple CRDs efficiently
57+
58+
## Controllers
59+
60+
The backend includes several controllers for managing the export/binding lifecycle:
61+
62+
- **ClusterBinding Controller**: Manages cluster binding lifecycle
63+
- **ServiceExport Controller**: Handles APIServiceExport resources
64+
- **ServiceExportRequest Controller**: Processes export requests
65+
- **ServiceNamespace Controller**: Manages namespace isolation

docs/content/developers/konnector/controllers/cluster/apiserviceexport.md

Lines changed: 11 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,21 @@
11
# APIServiceExports
22

3-
The APIServiceExport controller watches `APIServiceExports` and the referenced `CustomResourceDefinitions` (CRDs) in the **provider cluster**.
3+
The APIServiceExport controller watches `APIServiceExports` and the referenced resources in the **provider cluster**.
44

5-
It is responsible for:
5+
Starting with v1alpha2, the APIServiceExport has been refactored to use a resource-based model instead of embedded CRD specifications.
6+
7+
## Key Changes in v1alpha2
8+
9+
- **Resource-Based Model**: `APIServiceExportSpec` now uses `Resources []APIServiceExportResource` instead of embedded CRD specs
10+
- **Multi-Resource Support**: One APIServiceExport can reference multiple CRDs more efficiently
11+
- **BoundSchema Integration**: Works with the new `BoundSchema` resource type for tracking bound schemas in consumer clusters
12+
13+
## Controller Responsibilities
614

715
* Ensuring the existence and validity of `APIServiceExports`.
816
* Managing the lifecycle of `APIServiceExports` by starting and stopping spec and status syncers and controllers.
917
* Checking `APIServiceBinding` condition and setting `ConsumerInSync` condition in `APIServiceExport`
10-
* Copying conditions from the referenced CRDs to the `APIServiceExport` status.
18+
* Managing resource references and their associated schemas.
1119

1220
## Overview
1321

Lines changed: 49 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,49 @@
1+
# BoundSchema
2+
3+
The BoundSchema controller manages `BoundSchema` resources in the consumer cluster, introduced in v1alpha2.
4+
5+
`BoundSchema` represents bound API resource schemas in consumer clusters and tracks the underlying status of synced resources.
6+
7+
## Key Features
8+
9+
- **Schema Validation**: Ensures the bound schema is valid and properly applied
10+
- **Drift Detection**: Monitors for differences between expected and actual schema state
11+
- **Condition Management**: Provides status conditions for validation and drift detection
12+
13+
## BoundSchema Structure
14+
15+
```yaml
16+
apiVersion: kubebind.io/v1alpha2
17+
kind: BoundSchema
18+
metadata:
19+
name: example-schema
20+
namespace: kube-bind-example
21+
spec:
22+
informerScope: Namespaced # or Cluster
23+
group: example.com
24+
names:
25+
kind: ExampleResource
26+
plural: exampleresources
27+
scope: Namespaced
28+
versions:
29+
- name: v1
30+
served: true
31+
storage: true
32+
schema: # JSONSchema for validation
33+
status:
34+
acceptedNames: # Names actually being used
35+
storedVersions: []
36+
conditions:
37+
- type: Valid
38+
status: "True"
39+
reason: Accepted
40+
```
41+
42+
## Integration with APIServiceExport
43+
44+
BoundSchema works closely with the APIServiceExport resource-based model:
45+
46+
1. APIServiceExport references multiple resources via `Resources []APIServiceExportResource`
47+
2. Each resource can map to a BoundSchema in the consumer cluster
48+
3. BoundSchema tracks the actual application and status of these schemas
49+
4. This enables better multi-resource management and status tracking

docs/content/setup/index.md

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,32 @@
11
# Setting Up kube-bind
22

3+
kube-bind supports multiple deployment scenarios and backend providers to meet different requirements.
4+
5+
## Setup Options
6+
7+
### Standard Kubernetes Setup
8+
9+
- **[Quickstart](quickstart.md)**: Get started quickly with the default provider
10+
- **[Helm Deployment](helm.md)**: Production deployment using Helm charts
11+
- **[Local Setup with Kind](local-setup-with-kind.md)**: Local development environment
12+
- **[kubectl Plugin](kubectl-plugin.md)**: Install and use the kubectl-bind plugin
13+
14+
### Advanced Multi-Cluster Setup
15+
16+
- **[KCP Integration](kcp-setup.md)**: Advanced multi-tenant setup with kcp workspaces and APIExports
17+
18+
## Architecture Overview
19+
20+
Starting with v0.5.0, kube-bind uses a multicluster-runtime architecture that supports:
21+
22+
- **Multiple Providers**: Choose between standard Kubernetes or KCP backends
23+
- **Enhanced API**: v1alpha2 API with resource-based exports and BoundSchema support
24+
- **Flexible Deployment**: Support for various cluster topologies and requirements
25+
26+
Choose the setup that best fits your use case:
27+
28+
- Use **Quickstart** or **Local Setup with Kind** for development and testing
29+
- Use **Helm Deployment** for production environments with standard Kubernetes
30+
- Use **KCP Integration** for advanced multi-tenant scenarios with workspace isolation
31+
332
{% include "partials/section-overview.html" %}

0 commit comments

Comments
 (0)