Cyclops provides integration for the following cloud providers:
- AWS - see documentation
- Permissions
- AWS Credentials
- Node Group Configuration
- Common issues, caveats and gotchas
Cyclops provides integration for the following messaging providers:
- Slack - see documentation
- Installation
- Slack Credentials
- Common issues, caveats and gotchas
Cyclops runs as an operator inside the cluster, which watches Custom Resource Definitions. It needs the following resources to be applied in the cluster.
When running inside the cluster, Cyclops will use the following for accessing the Kubernetes API:
config, err := rest.InClusterConfig()rest.InClusterConfig() uses the service account token inside the pod at
/var/run/secrets/kubernetes.io/serviceaccount to gain access to the Kubernetes API. See
Authenticating inside the cluster.
Cyclops will need certain permissions to list/patch/get/watch/update/delete pods and nodes. See the section below on RBAC to set up the service account, cluster role and cluster role binding.
In order for Kubernetes to recognise the resources Cyclops uses to handle requests and maintain state in the cluster over reschedules, we need to tell Kubernetes about our CRD.
To create the Custom Resource Definitions, run the following:
kubectl create -f deploy/crds/To be able to function correctly, Cyclops needs a service account with the following permissions:
- pods:
- watch
- list
- get
- update
- delete
- patch
- nodes:
- update
- patch
- watch
- list
- get
- delete
- pods/eviction
- create
- events
- create
- patch
- atlassian.com/*
- All permissions - "*"
To create the service account, cluster role and cluster role binding, run the following:
kubectl create -f docs/deployment/cyclops-rbac.yamlThis deployment makes use of the RBAC service account
To create the deployment, run the following:
kubectl create -f docs/deployment/cyclops-operator.yamlSee Cloud Provider documentation for deployments specific to a cloud provider.