Multi-cluster, Multi-tenant Kustomize Example

multi-cluster-multi-tenant-kustomize/README.md

@@ -0,0 +1,21 @@
+# Multi-cluster, Multi-tenant Kustomize Example
+
+This repository shows an example of how to use Kustomize's bases and overlays to maintain manifests for an application that requires one instance of the application to be deployed per tenant and per environment.
+
+Bases are configurations that inherit nothing. Overlays are configurations that inherit from somewhere. Overlays can inherit from bases or from other overlays.
+
+Our example has just one base, the example app represented by a single nginx deployment.
+
+In overlays, we have `clusters`, `plans` and `tenant-envs`.
+
+ 1. `clusters`: We have one directory per region. If a tenant-env should be in the us, you add it as a base to the `us/kustomization.yaml`. If a tenant-env should be in the eu, you add it to the `eu/kustomization.yaml` bases.
+
+ 1. `plans`: The plans overlay is where you'd put configuration that is different per plan. In our example trial tenants get less replicas then paying tenants.
+
+ 1. `tenant-envs`: Our example has a `test` and a `prod` environment per client. Both tenant environments go onto the same cluster. The tenant-env overlays are where you put configuration that is specific to an env. E.g. the database connection should be unique per tenant per env. The tenant envs would also be a good place to give a certain tenant a specific version of the app (e.g. a hotfix) by overwriting the image tags for that tenant and possibly in the tenants test env first.
+
+Adopting a repository structure like this to manage multiple tenants makes it intuitive to understand where certain changes should be made while at the same time reducing the amount of duplicate manifests to a minimum.
+
+Applying a configuration to a cluster ist just one `kustomize build overlays/clusters/eu | kubectl apply -f -` command.
+
+Kustomize has recently been included into kubectl. Once that's released a simple `kubectl apply -f overlays/clusters/eu` is good enough.

multi-cluster-multi-tenant-kustomize/bases/app/deployment.yaml

@@ -0,0 +1,24 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  creationTimestamp: null
+  labels:
+    app: app
+  name: app
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: app
+  strategy: {}
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        app: app
+    spec:
+      containers:
+      - image: nginx
+        name: nginx
+        resources: {}
+status: {}

multi-cluster-multi-tenant-kustomize/bases/app/kustomization.yaml

@@ -0,0 +1,9 @@
+commonLabels:
+  app.kubernetes.io/name: app
+  app.kubernetes.io/component: frontend
+  app.kubernetes.io/part-of: app
+  app.kubernetes.io/managed-by: kustomize
+
+resources:
+- deployment.yaml
+- service.yaml

multi-cluster-multi-tenant-kustomize/bases/app/service.yaml

@@ -0,0 +1,18 @@
+apiVersion: v1
+kind: Service
+metadata:
+  creationTimestamp: null
+  labels:
+    app: app
+  name: app
+spec:
+  ports:
+  - name: 80-8080
+    port: 80
+    protocol: TCP
+    targetPort: 8080
+  selector:
+    app: app
+  type: ClusterIP
+status:
+  loadBalancer: {}

multi-cluster-multi-tenant-kustomize/overlays/clusters/eu/kustomization.yaml

@@ -0,0 +1,6 @@
+bases:
+- ../../tenant-envs/one/prod
+- ../../tenant-envs/one/test
+
+commonLabels:
+  example.com/region: eu

multi-cluster-multi-tenant-kustomize/overlays/clusters/us/kustomization.yaml

@@ -0,0 +1,6 @@
+bases:
+- ../../tenant-envs/two/prod
+- ../../tenant-envs/two/test
+
+commonLabels:
+  example.com/region: us

multi-cluster-multi-tenant-kustomize/overlays/plans/paid/kustomization.yaml

@@ -0,0 +1,5 @@
+bases:
+- ../../../bases/app
+
+commonLabels:
+  example.com/plan: paid

multi-cluster-multi-tenant-kustomize/overlays/plans/trial/kustomization.yaml

@@ -0,0 +1,8 @@
+bases:
+- ../../../bases/app
+
+commonLabels:
+  example.com/plan: trial
+
+patches:
+- patch-deployment-replicas.yaml

multi-cluster-multi-tenant-kustomize/overlays/plans/trial/patch-deployment-replicas.yaml

@@ -0,0 +1,6 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: app
+spec:
+  replicas: 1

multi-cluster-multi-tenant-kustomize/overlays/tenant-envs/one/prod/kustomization.yaml

@@ -0,0 +1,11 @@
+namespace: one-prod
+
+bases:
+- ../../../plans/paid
+
+commonLabels:
+  app.kubernetes.io/instance: tenant-one
+  example.com/stage: prod
+
+resources:
+- namespace.yaml

multi-cluster-multi-tenant-kustomize/overlays/tenant-envs/one/prod/namespace.yaml

@@ -0,0 +1,5 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: one-prod

multi-cluster-multi-tenant-kustomize/overlays/tenant-envs/one/test/kustomization.yaml

@@ -0,0 +1,11 @@
+namespace: one-test
+
+bases:
+- ../../../plans/paid
+
+commonLabels:
+  app.kubernetes.io/instance: tenant-one
+  example.com/stage: test
+
+resources:
+- namespace.yaml

multi-cluster-multi-tenant-kustomize/overlays/tenant-envs/one/test/namespace.yaml

@@ -0,0 +1,5 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: one-test

multi-cluster-multi-tenant-kustomize/overlays/tenant-envs/two/prod/kustomization.yaml

@@ -0,0 +1,11 @@
+namespace: two-prod
+
+bases:
+- ../../../plans/trial
+
+commonLabels:
+  app.kubernetes.io/instance: tenant-two
+  example.com/stage: prod
+
+resources:
+- namespace.yaml

multi-cluster-multi-tenant-kustomize/overlays/tenant-envs/two/prod/namespace.yaml

@@ -0,0 +1,5 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: two-prod

multi-cluster-multi-tenant-kustomize/overlays/tenant-envs/two/test/kustomization.yaml

@@ -0,0 +1,11 @@
+namespace: two-test
+
+bases:
+- ../../../plans/trial
+
+commonLabels:
+  app.kubernetes.io/instance: tenant-two
+  example.com/stage: test
+
+resources:
+- namespace.yaml

multi-cluster-multi-tenant-kustomize/overlays/tenant-envs/two/test/namespace.yaml

@@ -0,0 +1,5 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: two-test