Kubernetes (also known as K8s) is an open-source container-orchestration system for automating the deployment, scaling and management of containerized applications. Commander interacts with the Kubernetes API, providing distribution-independent management, governance and visibility for Kubernetes clusters and containerized workloads.
It's important to understand that managing Kubernetes with Commander is quite different from managing a private or public cloud such as vCenter or AWS. When you add a Kubernetes cloud account, you're adding a Kubernetes cluster. For more information, see Adding Kubernetes Cloud Accounts.
This topic assumes that you understand the basics of Kubernetes.
In this topic:
If Commander is also managing the cloud infrastructure where the cluster resides, Commander automatically links Kubernetes nodes to the underlying VMs.
For more information, see Managing Infrastructure Linkages for Kubernetes Clusters.
- Deploy a new Kubernetes cluster: You can deploy a Kubernetes cluster on vSphere, AWS, or Azure and then automatically add the cluster to Commander's inventory with no intervention from an administrator. You can also enable your end users to submit a service request that kicks off this process, with the option to allow them to choose the Kubernetes version.
- Deploy applications into an existing Kubernetes cluster: Using workflow extensions, you can deploy Kubernetes applications into an existing Kubernetes cluster. By tying deployments to your CI/CD pipeline and including workflow steps for approval and inspection of resources to be deployed, you can ensure that your applications meet internal standards and established best practices.
- Run a Kubernetes best practices report: Using workflow extensions, you can configure a best practices report that compares the current state of a Kubernetes cluster against a set of checks. This helps ensure that the resources (such as pods and containers) deployed on a Kubernetes cluster adhere to best practices and corporate standards.
Allowing user access to namespace resources
If you assign Service Portal users ownership of a Kubernetes namespace, they can view the resources in that namespace.
You can also grant users permission to add, edit and delete resources in the namespace if you want to delegate the administration of namespace resources to them.
To allow a Service Portal user access to resources in a Kubernetes namespace, do the following:
- Assign the user, or the organization that the user belongs to, ownership of the namespace. For more information, see Assigning Service Ownership.
- If you want the user to be able to create, edit or delete resources in the namespace, the user must have a role that includes the "Manage Kubernetes" permission. See Service Portal permissions and default settings.
For more information about how Service Portal users can monitor and manage resources in a Kubernetes namespace, see Managing Kubernetes Resources