Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

"Multi-tenancy" page may confuse some readers about whether CRDs are cluster scoped #48112

Open
r21gh opened this issue Sep 27, 2024 · 6 comments · May be fixed by #48156
Open

"Multi-tenancy" page may confuse some readers about whether CRDs are cluster scoped #48112

r21gh opened this issue Sep 27, 2024 · 6 comments · May be fixed by #48156
Assignees
@aryasoni98
Labels
kind/documentation Categorizes issue or PR as related to documentation. language/en Issues or PRs related to English language needs-kind Indicates a PR lacks a `kind/foo` label and requires one. priority/backlog Higher priority than priority/awaiting-more-evidence. triage/accepted Indicates an issue or PR is ready to be actively worked on.

Comments

@r21gh
Copy link
Contributor

r21gh commented Sep 27, 2024

This is a Bug Report

Problem:
The statement regarding Kubernetes namespace isolation mentions that it "doesn't apply to Kubernetes resources that can't be namespaced, such as Custom Resource Definitions, Storage Classes, and Webhooks." This requires clarification as it inaccurately represents how Custom Resource Definitions (CRDs) function.

Proposed Solution:
Update the statement to clarify the behavior of CRDs, emphasizing that while CRDs are cluster-scoped, the resources they define can be namespaced.

"However, it can be difficult to configure, and it doesn't apply to resources that are cluster-scoped and not namespaced, such as Custom Resource Definitions (CRDs) themselves (though the custom resources they define can be namespaced), Storage Classes, and Webhooks."

I would be happy to contribute to this statement in the documentation.

Page to Update:
https://kubernetes.io/docs/concepts/security/multi-tenancy/#implementations
@r21gh r21gh added the kind/bug Categorizes issue or PR as related to a bug. label Sep 27, 2024
@k8s-ci-robot k8s-ci-robot added the needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. label Sep 27, 2024
@aryasoni98
Copy link

/assign

@sftim
Copy link
Contributor

sftim commented Sep 28, 2024

The CustomResourceDefinition API is cluster scoped. However, to avoid people getting confused when they read this page, we could use APIService instead of CustomResourceDefinition.

We should also use actual API kinds.

For example:

doesn't apply to Kubernetes resources that can't be namespaced, such as APIServices, StorageClasses, or ClusterTrustBundles.

@sftim
Copy link
Contributor

sftim commented Sep 28, 2024

/remove-kind bug

The docs are correct, but people may still misunderstand them
/language en
/priority backlog

@k8s-ci-robot k8s-ci-robot added language/en Issues or PRs related to English language priority/backlog Higher priority than priority/awaiting-more-evidence. needs-kind Indicates a PR lacks a `kind/foo` label and requires one. and removed kind/bug Categorizes issue or PR as related to a bug. labels Sep 28, 2024
@sftim
Copy link
Contributor

sftim commented Sep 28, 2024

/retitle "Multi-tenancy" page may confuse some readers about whether CRDs are cluster scoped

@k8s-ci-robot k8s-ci-robot changed the title Clarification Needed on Namespace Isolation and Cluster-Scoped Resources "Multi-tenancy" page may confuse some readers about whether CRDs are cluster scoped Sep 28, 2024
@salaxander
Copy link
Contributor

/triage accepted

@k8s-ci-robot k8s-ci-robot added triage/accepted Indicates an issue or PR is ready to be actively worked on. and removed needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels Oct 1, 2024
@salaxander
Copy link
Contributor

/kind documentation

@k8s-ci-robot k8s-ci-robot added the kind/documentation Categorizes issue or PR as related to documentation. label Oct 1, 2024
@aryasoni98 aryasoni98 linked a pull request Oct 1, 2024 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@aryasoni98 aryasoni98

Labels
kind/documentation Categorizes issue or PR as related to documentation. language/en Issues or PRs related to English language needs-kind Indicates a PR lacks a `kind/foo` label and requires one. priority/backlog Higher priority than priority/awaiting-more-evidence. triage/accepted Indicates an issue or PR is ready to be actively worked on.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Clarify whether CRDs are cluster scoped in multitenancy page aryasoni98/website-kubernetes
5 participants
@salaxander @r21gh @aryasoni98 @k8s-ci-robot @sftim