{"id":18136094,"url":"https://github.com/errordeveloper/knested","last_synced_at":"2025-04-19T14:34:07.954Z","repository":{"id":137924910,"uuid":"250225862","full_name":"errordeveloper/knested","owner":"errordeveloper","description":null,"archived":false,"fork":false,"pushed_at":"2025-01-06T18:16:58.000Z","size":601,"stargazers_count":7,"open_issues_count":11,"forks_count":0,"subscribers_count":4,"default_branch":"main","last_synced_at":"2025-01-06T18:48:41.912Z","etag":null,"topics":["eks","eksctl","kata-containers","kubernetes"],"latest_commit_sha":null,"homepage":"","language":"CUE","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/errordeveloper.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-03-26T10:20:52.000Z","updated_at":"2025-01-06T18:17:02.000Z","dependencies_parsed_at":"2025-01-06T18:56:39.646Z","dependency_job_id":null,"html_url":"https://github.com/errordeveloper/knested","commit_stats":null,"previous_names":["errordeveloper/knested"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/errordeveloper%2Fknested","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/errordeveloper%2Fknested/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/errordeveloper%2Fknested/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/errordeveloper%2Fknested/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/errordeveloper","download_url":"https://codeload.github.com/errordeveloper/knested/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":233546478,"owners_count":18692226,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["eks","eksctl","kata-containers","kubernetes"],"created_at":"2024-11-01T14:10:40.149Z","updated_at":"2025-01-11T22:49:24.837Z","avatar_url":"https://github.com/errordeveloper.png","language":"CUE","funding_links":[],"categories":[],"sub_categories":[],"readme":"# `knested`: Kubernetes-in-Kubernetes for GitOps-Cluster-as-Service\n\nThis project enables one to easily deploy Kubernetes into Kubernetes, akin to kind on Docker.\nOne could use kind in a pod, but if they need to run several nodes, the pod will end up quite\nlarge. So knested is very much like kind in a pod, but it uses a pod for each node, so it should\neasier to scale it.\n\nknested is similar to vCluster, accept it doesn't provide any syncronisation with underlying cluster.\nknested only leverages underlying cluster for deployment - secrets, downwards API and PVC, it doesn't\ncontinuously enforce any relationships between underlying cluster.\n\nTo deploy a cluster you need [Timoni](https://timoni.sh). You can run it on top of kind too!\n```\ngit clone https://github.com/errordeveloper/knested\ncd knested\ntimoni apply --namespace test-cluster tc-1 .\n```\n\n## Walkthrough\n\n```\n$ timoni apply --namespace test-cluster tc-1 .\n11:44AM INF i:tc-1 \u003e building .\n11:44AM INF i:tc-1 \u003e using module github.com/errordeveloper/knested version 0.0.0-devel\n11:44AM INF i:tc-1 \u003e installing tc-1 in namespace test-cluster\n11:44AM INF i:tc-1 \u003e Namespace/test-cluster created\n11:44AM INF i:tc-1 \u003e ServiceAccount/test-cluster/tc-1-cp created\n11:44AM INF i:tc-1 \u003e ServiceAccount/test-cluster/tc-1-node created\n11:44AM INF i:tc-1 \u003e Role/test-cluster/tc-1-cp created\n11:44AM INF i:tc-1 \u003e Role/test-cluster/tc-1-node created\n11:44AM INF i:tc-1 \u003e RoleBinding/test-cluster/tc-1-cp created\n11:44AM INF i:tc-1 \u003e RoleBinding/test-cluster/tc-1-node created\n11:44AM INF i:tc-1 \u003e Secret/test-cluster/tc-1-join-token created\n11:44AM INF i:tc-1 \u003e Secret/test-cluster/tc-1-kubeconfig created\n11:44AM INF i:tc-1 \u003e Service/test-cluster/tc-1 created\n11:44AM INF i:tc-1 \u003e Deployment/test-cluster/tc-1-cp created\n11:44AM INF i:tc-1 \u003e Deployment/test-cluster/tc-1-node created\n11:44AM INF i:tc-1 \u003e PersistentVolumeClaim/test-cluster/tc-1-cp created\n11:47AM INF i:tc-1 \u003e resources are ready\n$ kubectl exec -ti -n test-cluster deployment/tc-1-cp -- kubectl get nodes\nNAME                         STATUS   ROLES           AGE     VERSION\ntc-1-cp-7b7757f745-8f9ff     Ready    control-plane   7m1s    v1.30.3\ntc-1-node-5ddb9c8999-gqcv6   Ready    \u003cnone\u003e          6m12s   v1.30.3\n$ kubectl exec -ti -n test-cluster deployment/tc-1-cp -- kubectl get pods -n kube-system\nNAME                                               READY   STATUS    RESTARTS   AGE\ncilium-7dw7j                                       1/1     Running   0          6m24s\ncilium-n6j5q                                       1/1     Running   0          7m3s\ncilium-operator-7754954889-pw6dv                   1/1     Running   0          7m2s\ncilium-operator-7754954889-zlrc4                   1/1     Running   0          7m2s\ncoredns-7db6d8ff4d-7c649                           1/1     Running   0          7m2s\ncoredns-7db6d8ff4d-7tj8g                           1/1     Running   0          7m2s\netcd-tc-1-cp-7b7757f745-8f9ff                      1/1     Running   0          7m11s\nkube-apiserver-tc-1-cp-7b7757f745-8f9ff            1/1     Running   0          7m11s\nkube-controller-manager-tc-1-cp-7b7757f745-8f9ff   1/1     Running   0          7m11s\nkube-proxy-f6zd6                                   1/1     Running   0          6m24s\nkube-proxy-skfwv                                   1/1     Running   0          7m3s\nkube-scheduler-tc-1-cp-7b7757f745-8f9ff            1/1     Running   0          7m11s\n$\n```\n\nThe kubeconfig for this cluster can be accessed from a secret:\n\n```\n$ kubectl get secrets -n test-cluster tc-1-kubeconfig\nNAME              TYPE     DATA   AGE\ntc-1-kubeconfig   Opaque   1      10m\n$\n```\n\nThere is a handy script that can port-forward the API endpoint and setup local kubeconfig:\n```\n$ ./scripts/access-cluster.sh test-cluster tc-1\n\nstarting new shell for test-cluster/tc-1 with KUBECONFIG set\n\n[test-cluster/tc-1] $ kubectl get nodes\nNAME                         STATUS   ROLES           AGE   VERSION\ntc-1-cp-7b7757f745-8f9ff     Ready    control-plane   12m   v1.30.3\ntc-1-node-5ddb9c8999-gqcv6   Ready    \u003cnone\u003e          11m   v1.30.3\n[test-cluster/tc-1] $\n```\n\nTo cleanup you can just run `kubectl delete ns test-cluster`.\n\nIf you just want to see how it works, checkout the following dirctories:\n- [`cluster/`](cluster): for CUE configs\n- [`images/kubeadm-ubuntu/`](images/kubeadm-ubuntu): for image builds\n\nAnd if you just need to see what resources would get deployed without running Timoni,\nthere a static example manifest - [`test-cluster.yaml`](test-cluster.yaml).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ferrordeveloper%2Fknested","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ferrordeveloper%2Fknested","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ferrordeveloper%2Fknested/lists"}