👋 Welcome to our project! Our documentation can help you get started and provides lots of in-depth information.
Sveltos is a Kubernetes add-on controller that simplifies the deployment and management of add-ons and applications across multiple clusters. It runs in the management cluster and can programmatically deploy and manage add-ons and applications on any cluster in the fleet, including the management cluster itself. Sveltos supports a variety of add-on formats, including Helm charts (support for OCI registries), raw YAML, Kustomize, Carvel ytt, and Jsonnet.
Sveltos allows you to represent add-ons and applications as templates. Before deploying to managed clusters, Sveltos instantiates these templates. Sveltos can gather the information required to instantiate the templates from either the management cluster or the managed clusters themselves. This enables you to use the same add-on configuration across all of your clusters, while still allowing for some variation, such as different add-on configuration values. In other words, Sveltos lets you define add-ons and applications in a reusable way. You can then deploy these definitions to multiple clusters, with minor adjustments as needed. This can save you a lot of time and effort, especially if you manage a large number of clusters.
Sveltos provides precise control over add-on deployment order. Add-ons within a Profile/ClusterProfile are deployed in the exact order they appear, ensuring a predictable and controlled rollout. Furthermore, ClusterProfiles can depend on others, guaranteeing that dependent add-ons only deploy after their dependencies are fully operational. Finally Sveltos' event-driven framework offers additional flexibility. This framework allows for deploying add-ons and applications in response to specific events, enabling dynamic and adaptable deployments based on your needs.
👉 If you like Sveltos or to get updates, ⭐️ star Sveltos.
Projectsveltos offers two powerful tools for managing cluster configurations: Profiles and ClusterProfiles:
- ClusterProfiles: Apply across all clusters in any namespace. Ideal for platform admins maintaining global consistency and managing settings like networking, security, and resource allocation.
- Profiles: Limited to a specific namespace, granting granular control to tenant admins. This isolation ensures teams manage, from the management cluster, their managed clusters independently without impacting others.
-
ClusterProfiles:
- Enforce standardized configurations across all clusters.
- Define global policies for networking, security, and resource allocation.
-
Profiles:
- Tailor configurations for specific applications, services, or teams.
- Grant tenant admins granular control over their clusters.
- from the management cluster, selects one or more
clusters
with a Kubernetes label selector; - lists which Kubernetes add-ons need to be deployed on such clusters;
- add-ons can be expressed as templates and instantiated by Sveltos at deployment time using resources from the management cluster.
1️⃣ OneTime: This mode is designed for bootstrapping critical components during the initial cluster setup. Think of it as a one-shot configuration injection: 1. Deploying essential infrastructure components like CNI plugins, cloud controllers, or the workload cluster's package manager itself; 2. Simplifies initial cluster setup; 3. Hands over management to the workload cluster's own tools, promoting modularity and potentially simplifying ongoing maintenance.
2️⃣ Continuous: This mode continuously monitors ClusterProfiles or Profiles for changes and automatically applies them to matching clusters. It ensures ongoing consistency between your desired configuration and the actual cluster state: 1. Centralized control over deployments across multiple clusters for consistency and compliance; 2. Simplifies management of configurations across multiple clusters.
3️⃣ ContinuousWithDriftDetection: Detects and automatically corrects configuration drifts in managed clusters, ensuring they remain aligned with the desired state defined in the management cluster.
With the rollout strategy defined in the ClusterProfile/Profile, users can control the upgrade behavior of the addon when there are changes in the supported configurations.
For example, the add-on user updates the “kyverno” ClusterProfile and wants to apply the change to a “canary” decision group of clusters first. If all the add-on upgrade successfully, then upgrade the rest of clusters progressively per cluster at a rate of 30% (*__ maxUpdate: 30%__). The rollout strategy can be defined as follows:
apiVersion: config.projectsveltos.io/v1alpha1
kind: ClusterProfile
metadata:
name: kyverno
spec:
clusterSelector: env=fv
syncMode: Continuous
maxUpdate: 30%
helmCharts:
- repositoryURL: https://kyverno.github.io/kyverno/
repositoryName: kyverno
chartName: kyverno/kyverno
chartVersion: v3.0.1
releaseName: kyverno-latest
releaseNamespace: kyverno
helmChartAction: Install
Sveltos can automatically detect drift between the desired state, defined in the management cluster, and actual state of your clusters and recover from it.
Sveltos has the capability to monitor changes within ConfigMap and Secret resources and facilitate rolling upgrades for Deployments, StatefulSets, and DaemonSets. This functionality can be activated by simply setting the reloader field to true in the ClusterProfile.
Sveltos can also create resources in the management cluster itself. This allows Sveltos to coordinate with other open source projects before deploying add-ons in the managed cluster.
The integration of External Secret Operator and Sveltos provides a powerful solution for secret management. External Secret Operator fetches secrets from external APIs and creates Kubernetes secrets, while Sveltos efficiently distributes these fetched secrets to the managed clusters. In case of any changes to the secrets in the external API, External Secret Operator updates the secrets in the management cluster, and Sveltos ensures the reconciliation of state in each managed cluster where the secret was distributed.
Sveltos supports defining an event using Lua. An event is a notification that is sent when a certain condition is met. For example, you could create an event that is sent when the PostgreSQL deployment becomes healthy. Events can then be used to trigger the deployment of other resources. For example, you could configure Sveltos to deploy the Job that creates the table in the database when it receives an event that the PostgreSQL deployment is healthy. In this example Sveltos has been instructed to:
1️⃣ Deploy postgresql deployment and service
2️⃣ Wait for postgresql deployment to be ready
3️⃣ Deploy a Job that creates a table in the DB
4️⃣ Wait for Job to be completed
5️⃣ Deploy todo-app which can access PostgreSQL deployment
6️⃣ Wait for todo-app to be healthy
7️⃣ Deploy a Job that adds an entry to database via todo-app
Sveltos Classifier is an optional component used to dynamically classify a cluster based on its runtime configuration (Kubernetes version, deployed resources, and more).
Classifier currently supports the following criteria:
- Kubernetes version
- Kubernetes resources
Sveltos offers cluster failover functionality within a multi-cluster Kubernetes orchestration environment. This means it helps ensure service continuity even if an individual Kubernetes cluster malfunctions.
Sveltos can monitor the healths of resources in managed clusters and send notifications when something happens. For instance detect Pod instances in crashloopbackoff and send a Slack notification.
Sveltos now offers the ability to gather information from all or subsets of the clusters it manages. This information can then be accessed and displayed using Sveltos' CLI in the management cluster.
With its sharding strategy, Sveltos can manage hundreds of managed clusters and applications by distributing the load across multiple instances of Sveltos controllers. To achieve this, add the annotation sharding.projectsveltos.io/key to managed clusters.
- Install Sveltos
- Quickstart for trying out Projectsveltos with a test cluster
We use the git-flow branching model. The base branch is dev. If you are looking for a stable version, please use the main branch or tags labeled as v0.x.x.
We love to hear from our community!
- Report bugs and suggest features
- Write documentation
- Submit code
Sveltos is licensed under the Apache License, Version 2.0.
If you like Sveltos, please star ⭐ the project on GitHub! This will help other people find it and learn more about it.