{"id":13846236,"url":"https://github.com/vmware-archive/k8s-endpoints-sync-controller","last_synced_at":"2025-07-12T07:32:12.844Z","repository":{"id":66819924,"uuid":"144050351","full_name":"vmware-archive/k8s-endpoints-sync-controller","owner":"vmware-archive","description":"Cross-Cluster Kubernetes Endpoints Sync Controller","archived":true,"fork":false,"pushed_at":"2019-06-20T04:59:24.000Z","size":71,"stargazers_count":20,"open_issues_count":5,"forks_count":3,"subscribers_count":6,"default_branch":"master","last_synced_at":"2024-12-19T00:04:16.177Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/vmware-archive.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2018-08-08T18:05:19.000Z","updated_at":"2023-01-28T11:48:21.000Z","dependencies_parsed_at":null,"dependency_job_id":"d23e5b50-9596-4cf2-a7aa-6ae243ec10e6","html_url":"https://github.com/vmware-archive/k8s-endpoints-sync-controller","commit_stats":null,"previous_names":["vmware/k8s-endpoints-sync-controller"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/vmware-archive/k8s-endpoints-sync-controller","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vmware-archive%2Fk8s-endpoints-sync-controller","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vmware-archive%2Fk8s-endpoints-sync-controller/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vmware-archive%2Fk8s-endpoints-sync-controller/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vmware-archive%2Fk8s-endpoints-sync-controller/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/vmware-archive","download_url":"https://codeload.github.com/vmware-archive/k8s-endpoints-sync-controller/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vmware-archive%2Fk8s-endpoints-sync-controller/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":264958135,"owners_count":23689007,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-04T18:00:20.612Z","updated_at":"2025-07-12T07:32:12.529Z","avatar_url":"https://github.com/vmware-archive.png","language":"Go","funding_links":[],"categories":["Operators vs Controllers"],"sub_categories":["Multi-Cluster"],"readme":"\n\n# k8s-endpoints-sync-controller\n\n## Overview\nThis controller deployed on each connected Kubernetes cluster replicates the Kubernetes service and endpoints objects across clusters so that services can be discovered and enables communication across clusters using Kubernetes service names.\n\nThe communication across clusters relies on kube-proxy to update the iptable rules on each node as the controller creates/updates the API objects.\n\n### Talks\nlightning talk at SRECON Asia 2019. https://www.usenix.org/sites/default/files/conference/protected-files/srecon19apac_slides_lightning.pdf#page=23 \n\n### Prerequisites\n\n* All the clusters should have different clusterCIDR.\n* All the clusters should be connected so that there is Pod to Pod connectivity across clusters. This can be achieved using \n    1) VPN across clusters with L3 routing if using Kubenet network plugin. \n    2) On AWS, VPC peering between two EKS clusters\n    3) on GKE, https://istio.io/docs/examples/multicluster/gke/\n    4) on IBM cloud, https://istio.io/docs/examples/multicluster/icp/ \n* The Kubernetes API Server of every cluster should be reachable to other clusters.\n\n### Build \u0026 Run\n\n1. Install Go 1.9 or higher version\n2. Install Glide\n3. checkout the project onto the GOPATH\n4. run *glide up* -\u003e to import all the dependencies\n3. run *make build* -\u003e to build the binary\n4. run *make buildimage TAG=\u003cimage_name:version\u003e* -\u003e to build the Docker image\n\nThe executable expects kubeconfig files of the clusters to connect mounted at /etc/kubeconfigs to run in the cluster. \\\nThe following environment variables can be set\n1. NSTOWATCH - Array of namespaces in which services and endpoints objects will be watched and replicated. (Default: all)\n2. EXCLUDE - Array of namespaces in which objects will not be replicated. (Default: ) \n\n\n## Documentation\n\nAssuming the pod IP addresses are routable across clusters, the goal is to enable communication through K8s service objects i.e. App A in region A should talk to app B in region B using app B's K8s service name and vice-versa.\nThis is achieved by creating in cluster A:\n1. app B service object (headed/headless) without pod selectors \n2. endpoints object with endpoints as IP addresses of app B pods in cluster B. \n\nThis enables kube-proxy in cluster A to load balance requests on the service name of app B to app B's pods.\n\n![cross-cluster service discovery example](discovery.png)\n\n### Annotations for Service Migration\nThe controller provides annotation features for the service teams to migrate services across clusters with no downtime. \nThe following describes how to use these annotations when migrating a service from source cluster to target cluster. \n\n **Annotation Key: vmware.com/syndicate-mode** \\\n **Annoration Values: {source, receiver, singular}**\n\nBefore migration the service is replicated from source cluster to target cluster i.e the service obj in the source cluster will have the selector but the replicated service obj in the target cluster will not have selector and the endpoints obj in that cluster is maintained by the controller. After migration, the service is replicated from target cluster to source cluster.\n\n##### Migrating K8s service obj with selector for stateful services\nAfter deploying new pods in target cluster and completing the data migration, \n1. Add annotation 'receiver' in the source cluster. This should update the service obj in the target cluster with annotation 'source'. Also, the controller will remove the selector from the service in the source cluster and the replication will now happen from target→source cluster.\n2. Update the service obj in the target cluster with right selector.\n\n##### Migrating K8s service obj with selector for stateless services\nAfter deploying new pods in target cluster, \n1. Add annotation 'union' in the source cluster. This will remove the selector from the service obj in source cluster and updates endpoints object in both clusters with union of pod ipaddresses( old ips + new ips). This ensures that the request for the service will be served by any of the pod in both clusters.\n2. Update the service obj in target cluster with 'source' annotation. This should update the service obj in the source cluster with annotation 'receiver' and the replication will now happen from target→source cluster.\n3. Update the service obj in the target cluster with right selector if needed.\n\n##### Stop replicating K8s service \u0026 endpoints object\n1. Update the service obj in any cluster with annotation 'singular'. This will stop replicating that service and will remove replicated svc obj and endpoints obj.\nCreating service obj in any cluster with annotation 'singular' will also not create replicated objects. \n\n## Releases \u0026 Major Branches\n\n## Contributing\n\nThe k8s-endpoints-sync-controller project team welcomes contributions from the community. Before you start working with k8s-endpoints-sync-controller, please read our [Developer Certificate of Origin](https://cla.vmware.com/dco). All contributions to this repository must be signed as described on that page. Your signature certifies that you wrote the patch or have the right to pass it on as an open-source patch. For more detailed information, refer to [CONTRIBUTING.md](CONTRIBUTING.md).\n\n## License\n\nPermission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvmware-archive%2Fk8s-endpoints-sync-controller","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fvmware-archive%2Fk8s-endpoints-sync-controller","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvmware-archive%2Fk8s-endpoints-sync-controller/lists"}