KubeZoo – Gateway Service for Kubernetes Multi-tenancy
English | 简体中文
KubeZoo is a lightweight gateway service that leverages the existing namespace model and add multi-tenancy capability to existing Kubernetes. KubeZoo provides view-level isolation among tenants by capturing and transforming the requests and responses. Please refer to design doc for details.
There exists three common multi-tenancy models for Kubernetes, i.e., Namespace as a Service (NaaS), Cluster as a Service (CaaS), Control Planes as a service (CPaaS). Each of them can be applied to address different use cases. However, our cases have some specific requirements and constraints that can not be met by the existing models,
- Many Small Tenants – there usually exist hundreds of tenants who only need to run small batch workloads containing few pods for tens of minutes.
- Short Turnaround Time – users/tenants are usually impatient, who desire to have their service to be ready in minutes.
- Tight Manpower – managing thousands of clusters/control-planes can be labour-intensive and infeasible for medium-sized dev team.
To address these cases, we present a new tenancy model, i.e., Kubernetes API as a Service (KAaaS), which provides competent isolation with negligible overheads and operation costs. KubeZoo implements this model with all tenants sharing both the control-plane and data-plane, which is suitable for the scenarios where thousands of small tenants need to share an underlying Kubernetes cluster.
Please check the resource and system requirements before installing KubeZoo.
KubeZoo supports Kubernetes versions up to 1.18. Using higher Kubernetes versions may cause compatibility issues. KubeZoo can be installed using any of the following methods:
|Deploy KubeZoo from scratch||Deploy KubeZoo||< 2 minutes|
If you have any questions or want to contribute, you are welcome to communicate most things via GitHub issues or pull requests. Or Contact to Maintainers
KubeZoo is under the Apache 2.0 license. See the LICENSE file for details. Certain implementations in KubeZoo rely on the existing code from Kubernetes and the credits go to the original Kubernetes authors.