A kubernetes operator that exposes clever cloud's resources through custom resource definition
This project is based on the operator pattern to provide Custom Resources. Those resources will match Clever-Cloud's add-ons.
The operator is under development, you can use it, but it may have bugs or unimplemented features. You could see missing
features by checking issues with the label enhancement.
There are multiple ways to install the operator, you can built it from sources and deploy it through your own registry or use an already built operator hosted on dockerhub or operatorhub.
You will need some tools on your computer to build and deploy the operator, at least you will git, rust toolchain and
docker. To deploy the operator, you will also need the kubectl command and a kubernetes cluster.
So, firstly, you will need to retrieve the source. You can clone them directly from GitHub using the following command.
$ git clone https://github.com/CleverCloud/clever-kubernetes-operator.git
or
$ gh repo clone CleverCloud/clever-kubernetes-operator
Then, you will need to go into the new created folder where are located the source code.
$ cd clever-kubernetes-operator
At this step, you can choose to build the binary and use it directly or build the docker image and push it to your registry and then deploy it into your kubernetes cluster.
To build the binary, you can use the following command:
$ make build
The operator binary will be located under the folder target/release/clever-kubernetes-operator. Then, you can run it.
$ target/release/clever-kubernetes-operator
To build the docker image, you can use the following command:
$ DOCKER_IMG=<your-registry>/<your-namespace>/clever-kubernetes-operator:latest make docker-build
Then, push it to your registry.
$ DOCKER_IMG=<your-registry>/<your-namespace>/clever-kubernetes-operator:latest make docker-push
Then, update the kubernetes deployment script located in deployments/kubernetes/v1.24.0/20-deployment.yaml to deploy
your docker image in your kubernetes cluster. Finally, apply the deployment script.
$ make deploy-kubernetes
or
$ kubectl apply -f deployments/kubernetes/v1.30.0
You can also use the available Helm chart. Configure the values.yaml file in deployments/kubernetes/helm with your own values, then run:
$ helm install clever-kubernetes-operator -n clever-kubernetes-operator --create-namespace -f values.yaml .The docker image will be provided by the dockerhub account of Clever-Cloud and you only need to apply the deployment script.
$ make deploy-kubernetes
or
$ kubectl apply -f https://raw.githubusercontent.com/CleverCloud/clever-kubernetes-operator/main/deployments/kubernetes/v1.30.0/10-custom-resource-definition.yaml
$ kubectl apply -f https://raw.githubusercontent.com/CleverCloud/clever-kubernetes-operator/main/deployments/kubernetes/v1.30.0/20-deployment.yaml
To connect to the Clever Cloud API, the operator supports three authentication methods:
This option uses the complete OAuth1 authentication flow with all four required credentials.
[api]
token = "your-oauth-token"
secret = "your-oauth-secret"
consumer-key = "your-consumer-key"
consumer-secret = "your-consumer-secret"When to use:
- When you have your own OAuth consumer application registered with Clever Cloud
- When you need custom permissions or scopes
- For production environments where you want full control over authentication
This option uses OAuth1 authentication but automatically applies the public Clever Tools consumer credentials when you only provide token and secret.
[api]
token = "your-oauth-token"
secret = "your-oauth-secret"When to use:
- For most standard use cases
- When you have personal tokens but don't want to manage consumer credentials
- For development or testing environments
When only token and secret are provided, the SDK automatically uses the same public consumer credentials as the Clever Cloud CLI tools.
This is the simplest authentication method, using a single bearer token with the "oauthless auth backend."
[api]
token = "your-bearer-token"When to use:
- When working with the oauthless auth backend
- For simple integrations or scripts
- When you have a personal access token that doesn't require OAuth flow
For most users, Option 2 (token and secret only) provides the best balance of security and convenience.
To work properly, the operator needs to be configured with at least credentials to connect the Clever Cloud's API.
Those configurations could be provided through a ConfigMap, a Secret or by the environment.
An example of deployment using a Secret is located at deployments/kubernetes/v1.30.0/20-deployment.yaml.
An example of deployment using a ConfigMap is located at deployments/helm/.
Environment variables are:
| Name | Kind | Default | Required | Description |
|---|---|---|---|---|
CLEVER_OPERATOR_OPERATOR_LISTEN |
SocketAddress |
0.0.0.0:7080 |
yes | |
CLEVER_OPERATOR_API_SECRET |
String |
none | false | |
CLEVER_OPERATOR_API_TOKEN |
String |
none | yes | if used alone, we assume that we are using oauthless auth backend |
CLEVER_OPERATOR_API_CONSUMER_KEY |
String |
none | false | |
CLEVER_OPERATOR_API_CONSUMER_SECRET |
String |
none | false |
By default, if the --config flag is not provided to the binary, the operator will look at the following paths to
retrieve its configuration:
/usr/share/clever-kubernetes-operator/config.{toml,yaml,json}/etc/clever-kubernetes-operator/config.{toml,yaml,json}$HOME/.config/clever-kubernetes-operator/config.{toml,yaml,json}$HOME/.local/share/clever-kubernetes-operator/config.{toml,yaml,json}config.{toml,yaml,json}
See the license.