05/04/24 - Single namespace installation

[Zvezdoreel]

Enhancement

Is your feature request related to a problem?/Why is this needed I want to deploy multiple instances of this controller in different namespaces

Describe the solution you'd like in detail per namespace installation, Id like the controller to watch resources in the namespace it installed in

Describe alternatives you've considered maybe a list of allowed namespaces

[k8s-triage-robot]

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Mark this issue as fresh with /remove-lifecycle stale
• Close this issue with /close
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

[niranjandarshann]

@Zvezdoreel Thank you For your contribution. I find this as required one too as Implementing per-namespace installation so that each controller instance is limited to watching resources in its own namespace. This simplifies management and ensures better isolation between different namespaces.

It is useful for better isolation between different namespaces.

[niranjandarshann]

@Zvezdoreel I was looking for the alternative way to achieve it and here what i understood is that we can achieve it by: Deploying a controller in each namespace, configuring each instance to watch only its namespace using the WATCH_NAMESPACE environment variable. This ensures isolation and simple management. Alternatively, deploy a cluster-wide controller with namespace filtering logic and use Kubernetes RBAC to restrict its permissions. This approach balances isolation with resource efficiency.

[k8s-triage-robot]

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Mark this issue as fresh with /remove-lifecycle rotten
• Close this issue with /close
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle rotten