Projects empower teams to deploy their configurations and services to clusters in a consistent way. Kommander creates a unique namespace for each managed cluster. Using cluster labels to identify target clusters, Kommander relays project configuration, such as applications, secrets, and role-based authorization to dedicated namespaces on managed clusters.
Namespaces isolate configurations across clusters and are created on all clusters matching the project labels. When creating a new project, you can customize the Kubernetes namespace that is also created.
A project contains label selectors that identify targets for configuration, allowing you to manage configurations for arbitrary cluster sets. For example, if your project includes the label selector
team: finance, all project assets are relayed to clusters having that label. Only clusters having all the label selectors are configured by the project.
When creating a project, you see the matching clusters as you enter label selectors.
Projects enable centralized managed access control by defining distributed roles. These roles grant access to resources on all clusters. When creating a role, you specify lists of resources and actions that can be taken. After they are created, they can be used by a Policy, that binds the role to a group.
Policies are distributed to all clusters, selected by a project, and grant access to a specified role for a specified group.
In Kommander you can configure ConfigMaps and Secrets for your projects.
ConfigMaps & Secrets
Using project ConfigMaps and project Secrets you can define configuration resources to distribute to all project clusters.
Platform Services provide a catalog of applications you can deploy across all project clusters. See Addon Catalog for more information