{"id":14988170,"url":"https://github.com/apache/cloudstack-kubernetes-provider","last_synced_at":"2025-08-22T01:12:53.065Z","repository":{"id":37778611,"uuid":"196358567","full_name":"apache/cloudstack-kubernetes-provider","owner":"apache","description":"Apache Cloudstack Kubernetes Provider","archived":false,"fork":false,"pushed_at":"2024-08-01T16:15:17.000Z","size":53484,"stargazers_count":44,"open_issues_count":14,"forks_count":27,"subscribers_count":25,"default_branch":"main","last_synced_at":"2025-04-10T11:58:39.435Z","etag":null,"topics":["cloud","cloudstack","java","python"],"latest_commit_sha":null,"homepage":"https://cloudstack.apache.org/","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/apache.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGES.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-07-11T09:02:20.000Z","updated_at":"2025-02-10T23:29:58.000Z","dependencies_parsed_at":"2024-01-23T17:31:32.109Z","dependency_job_id":"5f11824e-d4b1-42df-9979-d43f07dc61b3","html_url":"https://github.com/apache/cloudstack-kubernetes-provider","commit_stats":{"total_commits":95,"total_committers":15,"mean_commits":6.333333333333333,"dds":0.6105263157894737,"last_synced_commit":"a315d9e1c2aa3d571abf2ef992c230d5cbcf58c6"},"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Fcloudstack-kubernetes-provider","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Fcloudstack-kubernetes-provider/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Fcloudstack-kubernetes-provider/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Fcloudstack-kubernetes-provider/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/apache","download_url":"https://codeload.github.com/apache/cloudstack-kubernetes-provider/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248666751,"owners_count":21142302,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cloud","cloudstack","java","python"],"created_at":"2024-09-24T14:16:14.350Z","updated_at":"2025-04-13T09:42:41.961Z","avatar_url":"https://github.com/apache.png","language":"Go","readme":"# CloudStack Kubernetes Provider\n\n[![](https://img.shields.io/github/release/apache/cloudstack-kubernetes-provider.svg?logo=github\u0026style=flat-square \"Release\")](https://github.com/apache/cloudstack-kubernetes-provider/releases)\n[![](https://img.shields.io/badge/license-Apache%202.0-blue.svg?color=%23282661\u0026logo=apache\u0026style=flat-square \"Apache 2.0 license\")](/LICENSE-2.0)\n[![](https://img.shields.io/badge/language-Go-%235adaff.svg?logo=go\u0026style=flat-square \"Go language\")](https://golang.org)\n[![](https://img.shields.io/docker/v/apache/cloudstack-kubernetes-provider?label=docker%20hub\u0026logo=docker\u0026style=flat-square \"Docker Hub Image Version\")](https://hub.docker.com/r/apache/cloudstack-kubernetes-provider/)\n\nA Cloud Controller Manager to facilitate Kubernetes deployments on Cloudstack.\n\nBased on the old Cloudstack provider in Kubernetes was removed.\n\nRefer:\n* https://github.com/kubernetes/kubernetes/tree/release-1.15/pkg/cloudprovider/providers/cloudstack\n* https://github.com/kubernetes/enhancements/issues/672\n* https://github.com/kubernetes/enhancements/issues/88\n\n## Deployment\n\nThe CloudStack Kubernetes Provider is automatically deployed when a Kubernetes Cluster is created on CloudStack 4.16+\n\nIn order to communicate with CloudStack, a separate service user **kubeadmin** is created in the same account as the cluster owner.\nThe provider uses this user's API keys to get the details of the cluster as well as update the networking rules. It is imperative that this user\nis not altered or have its keys regenerated.\n\nThe provider can also be manually deployed as follows :\n\n### Kubernetes\n\nPrebuilt containers are posted on [Docker Hub](https://hub.docker.com/r/apache/cloudstack-kubernetes-provider).\n\nTo configure API access to your CloudStack management server, you need to create a secret containing a `cloud-config`\nthat is suitable for your environment.\n\n`cloud-config` should look like this:\n```ini\n[Global]\napi-url = \u003cCloudStack API URL\u003e\napi-key = \u003cCloudStack API Key\u003e\nsecret-key = \u003cCloudStack API Secret\u003e\nproject-id = \u003cCloudStack Project UUID (optional)\u003e\nzone = \u003cCloudStack Zone Name (optional)\u003e\nssl-no-verify = \u003cDisable SSL certificate validation: true or false (optional)\u003e\n```\n\nThe access token needs to be able to fetch VM information and deploy load balancers in the project or domain where the nodes reside.\n\nTo create the secret, use the following command:\n```bash\nkubectl -n kube-system create secret generic cloudstack-secret --from-file=cloud-config\n```\n\nYou can then use the provided example [deployment.yaml](/deployment.yaml) to deploy the controller:\n```bash\nkubectl apply -f deployment.yaml\n```\n\n### Protocols\n\nThis CCM supports TCP, UDP and [TCP-Proxy](https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt) LoadBalancer deployments.\n\nFor UDP and Proxy Protocol support, CloudStack 4.6 or later is required.\n\nSince kube-proxy does not support the Proxy Protocol or UDP, you should connect this directly to pods, for example by deploying a DaemonSet and setting `hostPort: \u003cTCP port\u003e` on the desired container port.\nImportant: The service running in the pod must support the chosen protocol. Do not try to enable TCP-Proxy when the service only supports regular TCP.\n\n[traefik-ingress-controller.yml](/traefik-ingress-controller.yml) contains a basic deployment for the Træfik ingress controller that illustrates how to use it with the proxy protocol.\n\nFor the nginx ingress controller, please refer to the official documentation at [kubernetes.github.io/ingress-nginx/deploy](https://kubernetes.github.io/ingress-nginx/deploy/). After applying the deployment, patch it for proxy protocol support with the provided fragment:\n\n```bash\nkubectl apply -f nginx-ingress-controller-patch.yml\n```\n\n### Node Labels\n\n:warning: **The node name must match the host name, so the controller can fetch and assign metadata from CloudStack.**\n\nIt is recommended to launch `kubelet` with the following parameter:\n\n```\n--register-with-taints=node.cloudprovider.kubernetes.io/uninitialized=true:NoSchedule\n```\n\nThis will treat the node as 'uninitialized' and cause the CCM to apply metadata labels from CloudStack automatically.\n\nSupported labels for Kubernetes versions up to 1.16 are:\n* kubernetes.io/hostname (= the instance name)\n* beta.kubernetes.io/instance-type (= the compute offering)\n* failure-domain.beta.kubernetes.io/zone (= the zone)\n* failure-domain.beta.kubernetes.io/region (also = the zone)\n\nSupported labels for Kubernetes versions 1.17 and later are:\n* kubernetes.io/hostname (= the instance name)\n* node.kubernetes.io/instance-type (= the compute offering)\n* topology.kubernetes.io/zone (= the zone)\n* topology.kubernetes.io/region (also = the zone)\n\nIt is also possible to trigger this process manually by issuing the following command:\n\n```\nkubectl taint nodes \u003cmy-node-without-labels\u003e node.cloudprovider.kubernetes.io/uninitialized=true:NoSchedule\n```\n\n## Migration Guide\n\nThere are several notable differences to the old Kubernetes CloudStack cloud provider that need to be taken into\naccount when migrating from the old cloud provider to the standalone controller.\n\n### Load Balancer\n\nLoad balancer rule names now include the protocol in addition to the LB name and service port.\nThis was added to distinguish tcp, udp and tcp-proxy services operating on the same port.\nWithout this change, it would not be possible to map a service that runs on both TCP and UDP port 8000, for example.\n\n:warning: **If you have existing rules, remove them before the migration, and add them back afterwards.**\n\nIf you don't do this, you will end up with duplicate rules for the same service, which won't work.\n\n### Metadata\n\nSince the controller is now intended to be run inside a pod and not on the node, it will not be able to fetch metadata from the Virtual Router's DHCP server.\n\nInstead, it first obtains the name of the node from Kubernetes, then fetches information from the CloudStack API.\n\n## Development\n\n### Building\n\nAt least Go 1.21 is required to build cloudstack-ccm.\n\nTo build the controller with correct versioning, some build flags need to be passed.\nA Makefile is provided that sets these build flags to automatically derived values.\n\n```bash\ngo get github.com/apache/cloudstack-kubernetes-provider\ncd ${GOPATH}/src/github.com/apache/cloudstack-kubernetes-provider\nmake\n```\n\nTo build the cloudstack-cloud-controller-manager container, please use the provided Dockerfile.\nThe Makefile will also with that and properly tag the resulting container.\n\n```bash\nmake docker\n```\n\n### Testing\n\nYou need a local instance of the CloudStack Management Server or a 'real' one to connect to.\nThe CCM supports the same cloud-config configuration file format used by [the cs tool](https://github.com/exoscale/cs),\nso you can simply point it to that.\n\n```bash\n./cloudstack-ccm --cloud-provider external-cloudstack --cloud-config ~/.cloud-config --master k8s-apiserver\n```\n\nReplace k8s-apiserver with the host name of your Kubernetes development clusters's API server.\n\nIf you don't have a 'real' CloudStack installation, you can also launch a local [simulator instance](https://hub.docker.com/r/cloudstack/simulator) instead. This is very useful for dry-run testing.\n\n## Copyright\n\nCopyright 2019 The Apache Software Foundation\n\nThis product includes software developed at\nThe Apache Software Foundation (http://www.apache.org/).\n","funding_links":[],"categories":["Configuration Management Integrations"],"sub_categories":["Terraform"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fapache%2Fcloudstack-kubernetes-provider","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fapache%2Fcloudstack-kubernetes-provider","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fapache%2Fcloudstack-kubernetes-provider/lists"}