Cluster API
Definition
Cluster API is an open-source project that provides a declarative Kubernetes-style API for managing the lifecycle of Kubernetes clusters. It abstracts the complexity of infrastructure management by using Kubernetes Custom Resource Definitions (CRDs) and controllers to automate the provisioning, scaling, and upgrading of clusters across various cloud providers and on-premises environments.
Secure Settings Example
apiVersion: cluster.x-k8s.io/v1beta1
kind: Cluster
metadata:
  name: secure-cluster
spec:
  clusterNetwork:
    services:
      cidrBlocks: ["10.96.0.0/12"]
    pods:
      cidrBlocks: ["192.168.0.0/16"]
  controlPlaneEndpoint:
    host: "secure-cluster.example.com"
    port: 6443
  infrastructureRef:
    apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
    kind: InfrastructureCluster
    name: secure-infra
  controlPlaneRef:
    apiVersion: controlplane.cluster.x-k8s.io/v1beta1
    kind: KubeadmControlPlane
    name: secure-control-plane
  # Illustrative block: `security` is not a field of the upstream Cluster v1beta1 spec
  security:
    enableNetworkPolicies: true
    enablePodSecurityPolicies: true
Insecure Settings Example
apiVersion: cluster.x-k8s.io/v1beta1
kind: Cluster
metadata:
  name: insecure-cluster
spec:
  clusterNetwork:
    services:
      cidrBlocks: ["0.0.0.0/0"] # Entire IPv4 space, overlaps every other network, insecure
    pods:
      cidrBlocks: ["0.0.0.0/0"] # Entire IPv4 space, overlaps every other network, insecure
  controlPlaneEndpoint:
    host: "insecure-cluster.example.com"
    port: 6443
  infrastructureRef:
    apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
    kind: InfrastructureCluster
    name: insecure-infra
  controlPlaneRef:
    apiVersion: controlplane.cluster.x-k8s.io/v1beta1
    kind: KubeadmControlPlane
    name: insecure-control-plane
  security:
    enableNetworkPolicies: false # Network policies disabled
    enablePodSecurityPolicies: false # Pod security policies disabled
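The check below is an added example, not part of the original page or the Cluster API project: it audits a Cluster object for the insecure settings shown above before the manifest is applied. It assumes the object is available as JSON (for instance from `kubectl get cluster -o json`) and that the `security` block follows this page's layout; the function name `audit_cluster` and the /8 breadth threshold are assumptions.

```python
import ipaddress
import json

# Constructed sample: the page's insecure manifest, expressed as JSON.
SAMPLE = json.loads("""
{"kind": "Cluster", "metadata": {"name": "insecure-cluster"},
 "spec": {"clusterNetwork": {"services": {"cidrBlocks": ["0.0.0.0/0"]},
                             "pods": {"cidrBlocks": ["0.0.0.0/0"]}},
          "security": {"enableNetworkPolicies": false,
                       "enablePodSecurityPolicies": false}}}
""")

MIN_PREFIX = 8  # assumption: any block broader than a /8 is treated as a mistake


def audit_cluster(obj):
    """Return a list of findings for one Cluster object (a dict)."""
    findings = []
    spec = obj.get("spec", {})
    net = spec.get("clusterNetwork", {})
    parsed = {}
    for role in ("services", "pods"):
        parsed[role] = []
        for cidr in net.get(role, {}).get("cidrBlocks", []):
            try:
                # strict=True rejects blocks that have host bits set
                block = ipaddress.ip_network(cidr, strict=True)
            except ValueError:
                findings.append(f"{role}: invalid CIDR {cidr!r}")
                continue
            parsed[role].append(block)
            if block.prefixlen < MIN_PREFIX:
                findings.append(f"{role}: {cidr} is too broad")
    # Service and pod ranges must not overlap each other.
    for s in parsed["services"]:
        for p in parsed["pods"]:
            if s.version == p.version and s.overlaps(p):
                findings.append(f"services {s} overlaps pods {p}")
    # The page's `security` block: flag every switch that is absent or false.
    sec = spec.get("security", {})
    for flag in ("enableNetworkPolicies", "enablePodSecurityPolicies"):
        if sec.get(flag) is not True:
            findings.append(f"security.{flag} is not enabled")
    return findings


if __name__ == "__main__":
    for finding in audit_cluster(SAMPLE):
        print(finding)
```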