https://github.com/fairwindsops/klustered

https://github.com/fairwindsops/klustered

klustered kubernetes

Last synced: about 1 year ago
JSON representation

• Host: GitHub
• URL: https://github.com/fairwindsops/klustered
• Owner: FairwindsOps
• License: apache-2.0
• Created: 2021-08-03T19:19:06.000Z (almost 5 years ago)
• Default Branch: main
• Last Pushed: 2021-08-04T18:26:29.000Z (almost 5 years ago)
• Last Synced: 2025-05-12T17:15:49.051Z (about 1 year ago)
• Topics: klustered, kubernetes
• Language: Go
• Homepage: https://fairwinds.com
• Size: 102 KB
• Stars: 5
• Watchers: 14
• Forks: 1
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE
  • Code of conduct: CODE_OF_CONDUCT.md

Awesome Lists containing this project

README

          
# Klustered

This go application was designed to prevent the other team in a Klustered challenge from being able to update a deployment from a v1 to a v2 image. There are several approaches it takes to doing this.

## Usage

### Deployment

Just run `klustered deploy` and the pod will be created along with a service account and clusterrolebinding for that service account.

## Breaks

### MutatingAdmissionWebhook

The application registers a mutating admission webhook that modifies any pod with the klustered v2 image back to the klustered v1 image.

### ValidatingAdmissionWebhook

The application registers a validating admission webhook that reject any create or update of a deployment using the v2 image

### Self-Healing

If either of the hooks, or the service are deleted, there is a background loop that will re-create those resources.

Additionally, if the pod receives a shutdown signal (INT, KILL, etc.), it will create a new copy of itself.

### Hiding in the open

All of the resources created are named to look innocent. Things like `default`, `api-server`, `cilium-XXXXX`, etc.