|
1 | | -# service-catalog |
| 1 | +## `service-catalog` |
| 2 | + |
| 3 | +The service-catalog presents APIs for: |
| 4 | + |
| 5 | +1. Determining which services and recipes for running instances of services |
| 6 | + are available in a cluster |
| 7 | +2. Making those services usable in namespaces and more granular subjects |
| 8 | + (deployments, pods) within a Kubernetes cluster |
| 9 | + |
| 10 | +This is the Kubernetes implementation of the service broker concept, which is |
| 11 | +joint effort amongst the different member organizations of the |
| 12 | +[CNCF](https://cncf.io/). |
| 13 | + |
| 14 | +### Use Cases |
| 15 | + |
| 16 | +A very basic set of use cases to describe the problem space is: |
| 17 | + |
| 18 | +1. Advertising and discovering services and recipes: |
| 19 | + 1. As a service operator, I want to be able to publish service offerings |
| 20 | + and recipes, so that users can search for my services and recipes they |
| 21 | + can use |
| 22 | +2. Recipes for running software systems in Kubernetes: |
| 23 | + 1. As someone who created a recipe for running a software system in |
| 24 | + Kubernetes, I want to share this recipe with others so that they can |
| 25 | + easily stand up their own copy |
| 26 | + 2. As someone who wants to run a particular software system in Kubernetes, |
| 27 | + I want to be able to search for and use recipes that others may have |
| 28 | + already created, so I can avoid spending time getting it to run myself |
| 29 | +3. Sharing resources for a service: |
| 30 | + 1. As an operator of a software system, I want to share the resources that |
| 31 | + are required to use the system so that my users can easily consume |
| 32 | + them in their own namespaces |
| 33 | + 2. As a user of a software system running in Kubernetes, I want to consume |
| 34 | + the shared resources associated with that system in my own namespace so |
| 35 | + that I can use the system in my application |
| 36 | + |
| 37 | +#### Advertising services and recipes |
| 38 | + |
| 39 | +Within and outside a Kubernetes cluster, there are services that users wish to |
| 40 | +highlight and make available to other users. Users might also wish to publish |
| 41 | +recipes that allow other users to run their own services. Some examples: |
| 42 | + |
| 43 | +1. A user's namespace contains `etcd`, `etcd-discovery`, and `postgresql` |
| 44 | + services, and the only one the user wants to share with others is the |
| 45 | + `postgresql` service |
| 46 | +2. A SaaS product like a externally hosted database for which a Kubernetes |
| 47 | + Service exists to provide a stable network endpoint |
| 48 | +3. A user makes a database run in Kubernetes and wants to share their recipe |
| 49 | + |
| 50 | +In order to share these services, there has to be a central place where they can |
| 51 | +be registered and advertised. This is the service catalog. |
| 52 | + |
| 53 | +#### Sharing recipes |
| 54 | + |
| 55 | +Users also want the ability to share recipes for running services in addition to |
| 56 | +sharing access to services that are already running. As a completely fictitious |
| 57 | +example, say the a user creates some kind of recipe that makes it easy to create |
| 58 | +everything needed to spin up a new PostgreSQL database (customizable |
| 59 | +username/password, `Service`, `Deployment`, etc.). The user wants to share this |
| 60 | +recipe in a service catalog so others can find it and use it. |
| 61 | + |
| 62 | +#### Consuming recipes |
| 63 | + |
| 64 | +When a user consumes a recipe, the pieces of the recipe are fully realized in |
| 65 | +that user's namespace. For example, if the recipe is to run an instance of |
| 66 | +PostgreSQL, the user's namespace would probably have several new resources |
| 67 | +created in it: |
| 68 | + |
| 69 | +1. A `Deployment` for the actual PostgreSQL containers |
| 70 | +2. A `Service` to provide a stable network endpoint |
| 71 | +3. A `Secret` with credentials to use the database |
| 72 | + |
| 73 | +#### Sharing a single set of resources for a service |
| 74 | + |
| 75 | +The simplest way to share resources for an existing service is to share the same |
| 76 | +resources for each consumer. As an example: a development team is working on an |
| 77 | +application that uses a database. The IT department manages the database (i.e., |
| 78 | +it lives off-cluster). All developers share the same credentials to access the |
| 79 | +database, but these credentials are managed by IT. Rather than having each |
| 80 | +developer create his or her own `Service` and `Secret` to connect to the |
| 81 | +database, IT creates a "db-app-xyz" `Service` and a "db-app-xyz" `Secret` in the |
| 82 | +"info-tech" namespace. |
| 83 | + |
| 84 | +#### Consuming a set of shared resources for a service |
| 85 | + |
| 86 | +Continuing our shared database example from a developer perspective: to use the |
| 87 | +shared database service, a developer searches for it in the service catalog and |
| 88 | +adds it to their namespace. When the developer adds the service from the |
| 89 | +catalog into their own namespace, they receive a copy of each of the resources |
| 90 | +(Secrets, ConfigMaps, etc) that the service publisher has associated with that |
| 91 | +service in their namespace. |
0 commit comments