Lessor is a Kubernetes Operator for deploying, managing, and securing multi-tenant workloads.
In addition, here are some other documents that may be helpful:
Introduction
les·sor
nouna person or company that leases a good or service to an entity according to an agreement
Lessor is a Kubernetes Operator which aims to help manage the lifecycle of multi-tenant workloads. This repo currently contains a very high-level Tenant
Custom Resource as well as some Controller functionality. This codebase is mostly being used to experiment with various approaches to multi-tenancy on Kubernetes.
If you're looking to contribute to this project, check out the GitHub Issues and join the #wg-multitenancy channel on the Kubernetes Slack. You can get an invite to Kubernetes Slack here.
How Does It Work?
Tenant
Custom Resource
Each complete tenant in your environment is represented by the Tenant
Kubernetes custom resource. See an example Custom Resource for a more complete example of the configurable attributes of a tenant.
The following is a minimal example:
apiVersion: lessor.io/v1
kind: Tenant
metadata:
name: acme-labs
labels:
name: acme-labs
spec:
namespaces:
- acme-labs
- acme-labs-dev
- acme-labs-skunkworks
Controller
Lessor uses the Operator pattern to encode domain-specific operational knowledge into software. The Operator pattern describes using a Kubernetes Custom Resource Definition and a Controller to provide a declarative configuration interface to a self-healing system.
See the Developer Guide for information on building the controller and see the Getting Started Guide for information on binary distributions.