server-manager/kubernetes-operator

Fork 0

Go to file

ACoolName 09e9b5dabd

Build and Push Docker Image / Build image (push) Successful in 2m0s

Details

added factorio image

2025-05-22 23:07:50 +03:00

.gitea/workflows

made build workflow

2025-04-05 13:00:45 +03:00

api/v1alpha1

added volume as a config in images

2025-05-22 22:37:30 +03:00

cmd

added config path to file

2025-04-05 17:15:00 +03:00

config

added factorio image

2025-05-22 23:07:50 +03:00

hack

init

2025-03-25 21:16:24 +02:00

internal/controller

fix bug

2025-05-22 23:07:24 +03:00

test

init

2025-03-25 21:16:24 +02:00

.dockerignore

init

2025-03-25 23:39:38 +02:00

.gitignore

init

2025-03-25 23:39:38 +02:00

.golangci.yml

init

2025-03-25 23:39:38 +02:00

Dockerfile

made build workflow

2025-04-05 13:00:45 +03:00

go.mod

added images

2025-04-03 21:14:30 +03:00

go.sum

added images

2025-04-03 21:14:30 +03:00

Makefile

init

2025-03-25 21:16:24 +02:00

PROJECT

added images

2025-04-03 21:14:30 +03:00

README.md

updated readme

2025-05-19 15:35:27 +03:00

README.md

ServerManager Kubernetes Operator

A kubernetes operator used to manage servers using CRDs

Description

This is a kubernetes operator used to manage game servers and is used in the implementation of the kubernetes instance manager in the ServerManager backend

Important

Currently the only supported ingress is traefik using the IngressRoute CRD

Adding ServerManager operator to your cluster

Install the CRDs

To install the CRDs you must first clone this repository using:

git clone https://git.acooldomain.co/server-manager/kubernetes-operator servermanager-operator
cd servermanager-operator

After the repository is cloned to install the CRDs just apply them using:

kubectl -f config/crd

Setting up the ServerManager Operator

Configuration

The server-manager operator takes a configuration file called config.yaml and expects to find it in the same namespace under the name server-manager-config with a key named config.yaml containing a yaml file in the following schema

domain_label: string
default_domain: string
browser:
  domain: string
  sub_path: string
  auth_header: string
  cert_resolver: string
  entrypoints:
    - string

  additional_routes:
    - IngressRouteRoute

  middleware:
    name: string
    namespace: string

Configuration values

domain_label optional type: string description: The name of a label on the node that it's value is a DNS record that points to that node.

default_domain type: string description: The domain to use if the label in domain_label is not present on the node the pod runs on

browser.domain type: string description: The domain that all file browsers would run on

browser.sub_path type: string description: A path prefix that all browsers will run under

browser.auth_header type: string description: The header used to identify a user on the browser container

browser.additional_routes type: IngressRouteRoute description: Any additional routes that would point to anything other than the browser, usually needed for some forwardAuth middlewares

browser.middleware type: MiddlewareRef description: A reference to the middleware that will handle authentication for the browsers

Example configuration

An example configuration that is close to what is used in ServerManager

domain_label: "ddns.acooldomain.co/hostname"
default_domain: "acooldomain.co"
browser:
  domain: games.acooldomain.co
  sub_path: /browsers
  auth_header: x-authentik-username
  cert_resolver: letsencrypt
  entrypoints:
    - websecure

  additional_routes: # This additional route is required for the Authentik middleware
    - kind: Rule
      match: "Host(`games.acooldomain.co`) && PathPrefix(`/outpost.goauthentik.io/`)"
      priority: 15
      services:
        - kind: Service
          name: ak-outpost-traefik
          namespace: authentik
          port: 9000

  middleware:
    name: authentik
    namespace: authentik

And in a ConfigMap it looks as follows (replace <namespace> with the desired namespace):

apiVersion: v1
kind: ConfigMap
metadata:
  name: server-manager-config
  namespace: <namespace>
data:
  config.yaml: |
    domain_label: "ddns.acooldomain.co/hostname"
    default_domain: "acooldomain.co"
    browser:
      domain: games.acooldomain.co
      sub_path: /browsers
      auth_header: x-authentik-username
      cert_resolver: letsencrypt
      entrypoints:
        - websecure

      additional_routes:
        - kind: Rule
          match: "Host(`games.acooldomain.co`) && PathPrefix(`/outpost.goauthentik.io/`)"
          priority: 15
          services:
            - kind: Service
              name: ak-outpost-traefik
              namespace: authentik
              port: 9000

      middleware:
        name: authentik
        namespace: authentik

Roles

The servermanager-operator requires permissions to modify/create/delete pods, pvcs, services, and ingressroutes.traefik.io to allow full functionality to create a service account with these permissions run the following commands where <namespace> is the namespace the operator would be deployed to

kubectl apply -n <namespace> -f https://git.acooldomain.co/server-manager/kubernetes-operator/raw/branch/main/config/rbac/service-account.yaml
kubectl apply -n <namespace> -f https://git.acooldomain.co/server-manager/kubernetes-operator/raw/branch/main/config/rbac/role.yaml
kubectl apply -n <namespace> -f https://git.acooldomain.co/server-manager/kubernetes-operator/raw/branch/main/config/rbac/role-binding.yaml

Manager

To install the operator itself after all the setup is complete simply run:

kubectl apply -n <namespace> -f https://git.acooldomain.co/server-manager/kubernetes-operator/raw/branch/main/config/manager/manager.yaml

Verify

After all the setup is applied you can test that the kubernetes-operator is working by creating a game image and a server that uses it. Below are exxamples for an Image that runs a minecraft paper server on version 1.21.5 and a Server using that image.

Example Image

apiVersion: server-manager.acooldomain.co/v1alpha1
kind: Image
metadata:
  name: minecraft-paper-1-21-5
spec:
  location: git.acooldomain.co/server-manager/minecraft:paper-1.21.5
  name: minecraft
  tag: paper-1.21.5
  working_dir: /opt/server
  ports:
    - port: 25565
      protocol: TCP

  init_script:
    image: alpine:latest
    command:
      - /bin/sh
    args:
      - /bin/sh
      - "-c"
      - "echo eula=true >> /data/eula.txt"

Example Server

apiVersion: server-manager.acooldomain.co/v1alpha1
kind: ServerManager
metadata:
  name: test-server
spec:
  storage: 10Gi
  browser:
    "on": true
  server:
    "on": true
    image: minecraft-paper-1-21-5
    ports:

Examples result

After applying the following resources your environment should have several new resources created

PVCs
- test-server
- test-server-browser
services
- test-server
  - type: NodePort
  - ContainerPort: 25565
  - NodePort: Random Port
Pods
- test-server
- test-server-browser

To delete the server and the related resources it is enough to delete the server-manager.acooldomain.co resource we created

License

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.