Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/inwinstack/pa-controller

A controller creates/updates/manages PAN atop Kubernetes. :hatched_chick::hatched_chick::hatched_chick:
https://github.com/inwinstack/pa-controller

kubernetes kubernetes-operator operating-systems palo-alto-firewalls

Last synced: about 2 months ago
JSON representation

A controller creates/updates/manages PAN atop Kubernetes. :hatched_chick::hatched_chick::hatched_chick:

Host: GitHub
URL: https://github.com/inwinstack/pa-controller
Owner: inwinstack
License: apache-2.0
Created: 2018-07-31T07:19:06.000Z (over 6 years ago)
Default Branch: master
Last Pushed: 2019-10-03T07:56:14.000Z (over 5 years ago)
Last Synced: 2024-11-19T17:50:13.232Z (3 months ago)
Topics: kubernetes, kubernetes-operator, operating-systems, palo-alto-firewalls
Language: Go
Homepage:
Size: 1.31 MB
Stars: 2
Watchers: 3
Forks: 3
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
- Codeowners: CODEOWNERS

Awesome Lists containing this project

README

[![Build Status](https://travis-ci.org/inwinstack/pa-controller.svg?branch=master)](https://travis-ci.org/inwinstack/pa-controller) [![codecov](https://codecov.io/gh/inwinstack/pa-controller/branch/master/graph/badge.svg)](https://codecov.io/gh/inwinstack/pa-controller) [![Docker Pulls](https://img.shields.io/docker/pulls/inwinstack/pa-controller.svg)](https://hub.docker.com/r/inwinstack/pa-controller/) ![Hex.pm](https://img.shields.io/hexpm/l/plug.svg)
# PA Controller
The PA controller for syncing Kubernetes CRDs to make it easy to set PAN policy and object.

Once installed, the PA controller provides the following custom resources:

* **NAT**: NAT rules provide address translation, and are different from security policy rules, which allow or deny packets.
* **Security**: Security policy protects network assets from threats and disruptions and aids in optimally allocating network resources for enhancing productivity and efficiency in business processes.
* **Service**: When you define policies for specific applications, you can select one or more services to limit the port numbers the applications can use.

![](images/architecture.png)

## Building from Source
Clone repo into your go path under `$GOPATH/src`:
```sh
$ git clone https://github.com/inwinstack/pa-controller.git $GOPATH/src/github.com/inwinstack/pa-controller
$ cd $GOPATH/src/github.com/inwinstack/pa-controller
$ make
```

## Debug out of the cluster
Run the following command to debug:
```sh
$ go run cmd/main.go \
--kubeconfig $HOME/.kube/config \
--logtostderr \
-v=2 \
--host=172.22.132.114 \
--username=admin \
--password=admin
```

## Deploy in the cluster
Run the following command to deploy the controller:
```sh
$ kubectl apply -f deploy/
$ kubectl -n kube-system get po -l app=pa-controller
```