Nauticus is an open-source Kubernetes controller that simplifies the management of Kubernetes clusters by allowing users to create and manage “Spaces” within the cluster. A Space is a fully-managed Kubernetes namespace that includes RBAC, network policies, resources quotas, and cloud provider specific bindings.
The Nauticus Controller provides an easy-to-use interface that allows users to create and manage Spaces through the Kubernetes API. This means that users can use the same Kubernetes resources to define the desired state of their Spaces and the controller will ensure that the actual state of the Spaces matches the desired state. This declarative approach to managing Spaces makes it easy for users to understand and troubleshoot their cluster.
- ✅ Resource Quotas: Assign resource quotas to each space, ensuring that no one team can consume too many resources.
- ✅ Network Policies: Create network policies for each space, restricting ingress communication from other spaces or namespaces.
- ✅ Space Owners: Specify the owner(s) of each space, giving them full control over the resources within.
- ✅ Additional RoleBindings: Assign additional role bindings to each space, providing fine-grained access control.
- ✅ LimitRanges: Assign Limit Ranges to each space, providing an additional layer of control over resource utilization in the cluster.
- ✅ ServiceAccounts: Create Kubernetes Service Accounts to act as a Cloud Provider Service Account.