VerrazzanoProject Custom Resource Definition
The VerrazzanoProject custom resource is used to create the application namespaces and their associated security settings on one or more clusters. The namespaces are always created on the admin cluster. Here is a sample VerrazzanoProject that specifies a namespace to create on the cluster named managed1
.
apiVersion: clusters.verrazzano.io/v1alpha1
kind: VerrazzanoProject
metadata:
name: hello-helidon
namespace: verrazzano-mc
spec:
template:
namespaces:
- metadata:
name: hello-helidon
placement:
clusters:
- name: managed1
VerrazzanoProject
Field | Type | Description | Required |
---|---|---|---|
apiVersion |
string | clusters.verrazzano.io/v1alpha1 |
Yes |
kind |
string | VerrazzanoProject | Yes |
metadata |
ObjectMeta | Refer to Kubernetes API documentation for fields of metadata. | Yes |
spec |
VerrazzanoProjectSpec | The project specification. | Yes |
status |
MultiClusterResourceStatus | The runtime status of a multicluster resource. | No |
VerrazzanoProjectSpec
VerrazzanoProjectSpec specifies the namespaces to create and on which clusters to create them.
Field | Type | Description | Required |
---|---|---|---|
template |
ProjectTemplate | The project template. | Yes |
placement |
Placement | Clusters on which the namespaces are to be created. | Yes |
ProjectTemplate
ProjectTemplate contains the list of namespaces to create and the optional security configuration for each namespace.
Field | Type | Description | Required |
---|---|---|---|
namespaces |
NamespaceTemplate array | The list of application namespaces to create for this project. | Yes |
security |
SecuritySpec | The project security configuration. | No |
networkPolicies |
NetworkPolicyTemplate array | The network policies applied to namespaces in the project. | No |
NamespaceTemplate
NamespaceTemplate contains the metadata and specification of a Kubernetes namespace.
Field | Type | Description | Required |
---|---|---|---|
metadata |
ObjectMeta | Refer to Kubernetes API documentation for fields of metadata. | Yes |
spec |
NamespaceSpec | An instance of the struct NamespaceSpec defined in types.go. |
No |
SecuritySpec
SecuritySpec defines the security configuration for a project.
Field | Type | Description | Required |
---|---|---|---|
projectAdminSubjects |
Subject | The subject to bind to the verrazzano-project-admin role. Encoded as an instance of the struct Subject defined in types.go. |
No |
projectMonitorSubjects |
Subject | The subject to bind to the verrazzano-project-monitoring role. Encoded as an instance of the struct Subject defined in types.go. |
No |
NetworkPolicyTemplate
NetworkPolicyTemplate contains the metadata and specification of the underlying NetworkPolicy.
NOTE
To add application NetworkPolicy, see NetworkPolicies for applications.Field | Type | Description | Required |
---|---|---|---|
metadata |
ObjectMeta | Refer to Kubernetes API documentation for fields of metadata. | Yes |
spec |
NetworkPolicySpec | An instance of the struct NetworkPolicySpec defined in types.go. |
No |
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.