Namespace Sync in AKO

Overview

Namespace sync helps in syncing objects from specific namespace(s) to the Avi Controller.

This article introduces the parameters to use Namespace Sync.

Parameters

To use Namespace Sync, set the value of these parameters to a non-empty string.

Parameter Description Default Value
AKOSettings.namespaceSelector.labelKey The key used as a label-based selection for the namespaces Empty
AKOSettings.namespaceSelector.labelValue Value used as a label-based selection for the namespaces Empty

Note: Any changes to values of these parameters require AKO reboot to take effect.

If either of the values for the parameters listed above are left empty, then AKO would sync objects from all namespaces with the Avi Controller.

When AKO is booted up with this setting, label the namespace with the same key:value pair mentioned in values of labelKey and labelValue

For example, if the values are labelKey: app and labelValue: migrate in the values.yaml, then label the namespace as app: migrate.


apiVersion: v1
kind: Namespace
metadata:
  creationTimestamp: "2020-12-04T13:20:42Z"
  labels:
    app: migrate
  name: red
  resourceVersion: "14055620"
  selfLink: /api/v1/namespaces/red
  uid: a424bf13-2f4a-4005-a84d-f2fb65acfda0
  spec:
    finalizers:
    - kubernetes
  status:
    phase: Active

AKO syncs all objects from correctly labelled namespace/s.

If the label of ‘red’ namespace is changed from “app: migrate” (valid) to “app: migrate1” (invalid), then following objects of ‘red’ namespace will be deleted from AVI controller

  • Pools associated with, insecure ingresses/routes
  • SNI virtual services associated with secure ingresses/routes
  • Virtual services associated with L4 objects

AKO will sync back objects of a namespace with AVI controller if namespace label is changed from an invalid label to a valid label.

Document Revision History

Date Change Summary
December 18, 2020 Updated the article for AKO version 1.4.1
December 18, 2020 Published the article for Namespace Sync in AKO