Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
k8s.io/sample-controller
This repository implements a simple controller for watching Foo resources as defined with a CustomResourceDefinition (CRD).
Note: go-get or vendor this package as k8s.io/sample-controller
.
This particular example demonstrates how to perform basic operations such as:
Foo
using a CustomResourceDefinition.Foo
.It makes use of the generators in k8s.io/code-generator
to generate a typed client, informers, listers and deep-copy functions. You can
do this yourself using the ./hack/update-codegen.sh
script.
The update-codegen
script will automatically generate the following files &
directories:
pkg/apis/samplecontroller/v1alpha1/zz_generated.deepcopy.go
pkg/generated/
Changes should not be made to these files manually, and when creating your own
controller based off of this implementation you should not copy these files and
instead run the update-codegen
script to generate your own.
The sample controller uses client-go library extensively. The details of interaction points of the sample controller with various mechanisms from this library are explained here.
Issue the following commands --- starting in whatever working directory you like.
git clone https://github.com/kubernetes/sample-controller
cd sample-controller
Note, however, that if you intend to
generate code then you will also need the
code-generator repo to exist in an old-style location. One easy way
to do this is to use the command go mod vendor
to create and
populate the vendor
directory.
If you are developing Kubernetes according to
https://github.com/kubernetes/community/blob/master/contributors/guide/github-workflow.md
then you already have a copy of this demo in
kubernetes/staging/src/k8s.io/sample-controller
and its dependencies
--- including the code generator --- are in usable locations
(valid for all Go versions).
This is an example of how to build a kube-like controller with a single type.
Prerequisite: Since the sample-controller uses apps/v1
deployments, the Kubernetes cluster version should be greater than 1.9.
# assumes you have a working kubeconfig, not required if operating in-cluster
go build -o sample-controller .
./sample-controller -kubeconfig=$HOME/.kube/config
# create a CustomResourceDefinition
kubectl create -f artifacts/examples/crd-status-subresource.yaml
# create a custom resource of type Foo
kubectl create -f artifacts/examples/example-foo.yaml
# check deployments created through the custom resource
kubectl get deployments
CustomResourceDefinitions can be used to implement custom resource types for your Kubernetes cluster.
These act like most other Resources in Kubernetes, and may be kubectl apply
'd, etc.
Some example use cases:
Each instance of your custom resource has an attached Spec, which should be defined via a struct{}
to provide data format validation.
In practice, this Spec is arbitrary key-value data that specifies the configuration/behavior of your Resource.
For example, if you were implementing a custom resource for a Database, you might provide a DatabaseSpec like the following:
type DatabaseSpec struct {
Databases []string `json:"databases"`
Users []User `json:"users"`
Version string `json:"version"`
}
type User struct {
Name string `json:"name"`
Password string `json:"password"`
}
Note, the JSON tag json:
is required on all user facing fields within your type. Typically API types contain only user facing fields. When the JSON tag is omitted from the field, Kubernetes generators consider the field to be internal and will not expose the field in their generated external output. For example, this means that the field would not be included in a generated CRD schema.
To validate custom resources, use the CustomResourceValidation
feature. Validation in the form of a structured schema is mandatory to be provided for apiextensions.k8s.io/v1
.
The schema in crd.yaml
applies the following validation on the custom resource:
spec.replicas
must be an integer and must have a minimum value of 1 and a maximum value of 10.
Custom Resources support /status
and /scale
subresources. The CustomResourceSubresources
feature is in GA from v1.16.
The CRD in crd-status-subresource.yaml
enables the /status
subresource for custom resources.
This means that UpdateStatus
can be used by the controller to update only the status part of the custom resource.
To understand why only the status part of the custom resource should be updated, please refer to the Kubernetes API conventions.
In the above steps, use crd-status-subresource.yaml
to create the CRD:
# create a CustomResourceDefinition supporting the status subresource
kubectl create -f artifacts/examples/crd-status-subresource.yaml
The group version of the custom resource in crd.yaml
is v1alpha
, this can be evolved to a stable API version, v1
, using CRD Versioning.
You can clean up the created CustomResourceDefinition with:
kubectl delete crd foos.samplecontroller.k8s.io
HEAD of this repository will match HEAD of k8s.io/apimachinery and k8s.io/client-go.
sample-controller
is synced from
https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/sample-controller.
Code changes are made in that location, merged into k8s.io/kubernetes and
later synced here.
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.