https://github.com/powerhome/pac-quota-controller

PAC Resource Sharing Validation Webhook
https://github.com/powerhome/pac-quota-controller

kubernetes-controller pac sre

Last synced: 2 months ago
JSON representation

PAC Resource Sharing Validation Webhook

• Host: GitHub
• URL: https://github.com/powerhome/pac-quota-controller
• Owner: powerhome
• License: apache-2.0
• Created: 2025-05-07T14:07:35.000Z (11 months ago)
• Default Branch: main
• Last Pushed: 2025-12-31T11:43:17.000Z (3 months ago)
• Last Synced: 2026-01-01T15:46:38.292Z (3 months ago)
• Topics: kubernetes-controller, pac, sre
• Language: Go
• Homepage:
• Size: 559 KB
• Stars: 0
• Watchers: 5
• Forks: 0
• Open Issues: 2
• Metadata Files:
  • Readme: README.md
  • Contributing: CONTRIBUTING.md
  • License: LICENSE
  • Codeowners: .github/CODEOWNERS

Awesome Lists containing this project

README

          
# ClusterResourceQuota Controller

A Kubernetes operator for implementing cluster-wide resource quotas across multiple namespaces.

## Overview

The ClusterResourceQuota controller mimics the Kubernetes ResourceQuota mechanism to work across multiple namespaces. This allows administrators to define resource constraints that apply to groups of namespaces based on label selectors.

## Features

- Create quotas that apply across multiple namespaces

- Select namespaces using label selectors

- Support for all standard Kubernetes resource types (pods, services, etc.)

- Support for compute resources (CPU, memory)

- Support for storage resources (PVCs)

- Automatic aggregation of resource usage across namespaces

## Usage

### Installation

> **Note:** The Helm chart is the single source of truth for all manifests (CRDs, RBAC, webhooks, cert-manager, etc.). The `config/` folder and Kubebuilder-generated manifests are not used for deployment or testing. Kubebuilder markers in the Go code are for documentation only.

Install the controller using Helm:

```sh

helm install pac-quota-controller oci://ghcr.io/powerhome/pac-quota-controller-chart --version  -n pac-quota-controller-system --create-namespace

```

To upgrade:

```sh

helm upgrade pac-quota-controller oci://ghcr.io/powerhome/pac-quota-controller-chart --version  -n pac-quota-controller-system

```

## End-to-End (e2e) Testing

All e2e tests use Helm for deployment. The `config/` folder is ignored and not used for testing or production. To run e2e tests:

```sh

# Install chart for testing

helm install pac-quota-controller ./charts/pac-quota-controller -n pac-quota-controller-system --create-namespace

# Run tests

make test-e2e

# Uninstall after tests

helm uninstall pac-quota-controller -n pac-quota-controller-system

```

## Example Usage

Create a ClusterResourceQuota to limit resources across namespaces:

```yaml

apiVersion: quota.powerapp.cloud/v1alpha1

kind: ClusterResourceQuota

metadata:

  name: team-quota

spec:

  namespaceSelector:

    matchLabels:

      team: frontend

  hard:

    pods: "50"

    requests.cpu: "10"

    requests.memory: 20Gi

    limits.cpu: "20"

    limits.memory: 40Gi

    # Storage resources

    requests.storage: "100Gi"                    # PVC storage requests

    requests.ephemeral-storage: "20Gi"           # Pod ephemeral storage requests

```

This quota will apply to all namespaces with the label `team: frontend` and limit:

- Total pods to 50

- Total CPU requests to 10 cores and limits to 20 cores

- Total memory requests to 20Gi and limits to 40Gi

- Total storage requests from PVCs to 100Gi

- Total ephemeral storage requests from Pods to 20Gi

## Contributing

See [CONTRIBUTING.md](CONTRIBUTING.md).