<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Tenants on Capsule</title><link>https://lorenzbischof.ch/capsule-website/v0.11/docs/tenants/</link><description>Recent content in Tenants on Capsule</description><generator>Hugo -- gohugo.io</generator><language>en</language><atom:link href="https://lorenzbischof.ch/capsule-website/v0.11/docs/tenants/index.xml" rel="self" type="application/rss+xml"/><item><title>Quickstart</title><link>https://lorenzbischof.ch/capsule-website/v0.11/docs/tenants/quickstart/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://lorenzbischof.ch/capsule-website/v0.11/docs/tenants/quickstart/</guid><description>In Capsule, a Tenant is an abstraction to group multiple namespaces in a single entity within a set of boundaries defined by the Cluster Administrator. The tenant is then assigned to a user or group of users who is called Tenant Owner. Capsule defines a Tenant as Custom Resource with cluster scope. Create the tenant as cluster admin:
kubectl create -f - &amp;lt;&amp;lt; EOF apiVersion: capsule.clastix.io/v1beta2 kind: Tenant metadata: name: oil spec: owners: - name: alice kind: User EOF You can check the tenant just created</description></item><item><title>Namespaces</title><link>https://lorenzbischof.ch/capsule-website/v0.11/docs/tenants/namespaces/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://lorenzbischof.ch/capsule-website/v0.11/docs/tenants/namespaces/</guid><description>Alice, once logged with her credentials, can create a new namespace in her tenant, as simply issuing:
kubectl create ns solar-production Alice started the name of the namespace prepended by the name of the tenant: this is not a strict requirement but it is highly suggested because it is likely that many different tenants would like to call their namespaces production, test, or demo, etc.
The enforcement of this naming convention is optional and can be controlled by the cluster administrator with forceTenantPrefix option.</description></item><item><title>Permissions</title><link>https://lorenzbischof.ch/capsule-website/v0.11/docs/tenants/permissions/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://lorenzbischof.ch/capsule-website/v0.11/docs/tenants/permissions/</guid><description>Ownership Capsule introduces the principal, that tenants must have owners. The owner of a tenant is a user or a group of users that have the right to create, delete, and manage the tenant&amp;rsquo;s namespaces and other tenant resources. However an owner does not have the permissions to manage the tenants they are owner of. This is still done by cluster-administrators.
Group Scope Capsule selects users, which are eligable to be considered for tenancy by their group.</description></item><item><title>Quotas</title><link>https://lorenzbischof.ch/capsule-website/v0.11/docs/tenants/quotas/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://lorenzbischof.ch/capsule-website/v0.11/docs/tenants/quotas/</guid><description>With help of Capsule, Bill, the cluster admin, can set and enforce resources quota and limits for Alice&amp;rsquo;s tenant.
Resource Quota Deprecated This feature will be deprecated in a future release of Capsule. Instead use Resource Pools to handle any cases around distributed ResourceQuotas With help of Capsule, Bill, the cluster admin, can set and enforce resources quota and limits for Alice&amp;rsquo;s tenant. Set resources quota for each namespace in the Alice&amp;rsquo;s tenant by defining them in the tenant spec:</description></item><item><title>Enforcement</title><link>https://lorenzbischof.ch/capsule-website/v0.11/docs/tenants/enforcement/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://lorenzbischof.ch/capsule-website/v0.11/docs/tenants/enforcement/</guid><description>Metadata Namespaces AdditionalMetadataList Information Starting from v0.10.8, it is possible to use templated values for labels and annotations. Currently, {{ tenant.name }} and {{ namespace }} placeholders are available. apiVersion: capsule.clastix.io/v1beta2 kind: Tenant metadata: name: solar spec: owners: - name: alice kind: User namespaceOptions: additionalMetadataList: - annotations: templated-annotation: {{ tenant.name }} labels: templated-label: {{ namespace }} The cluster admin can &amp;ldquo;taint&amp;rdquo; the namespaces created by tenant owners with additional metadata as labels and annotations.</description></item></channel></rss>