DataPlane
A DataPlane represents a Kubernetes cluster where application workloads are deployed. It defines the connection to a target Kubernetes cluster, container registry configuration, and gateway settings for routing traffic to applications.
API Version
openchoreo.dev/v1alpha1
Resource Definition
Metadata
DataPlanes are namespace-scoped resources that must be created within an Organization's namespace.
apiVersion: openchoreo.dev/v1alpha1
kind: DataPlane
metadata:
name: <dataplane-name>
namespace: <org-namespace> # Organization namespace
Spec Fields
| Field | Type | Required | Default | Description |
|---|---|---|---|---|
kubernetesCluster | KubernetesClusterSpec | Yes | - | Target Kubernetes cluster configuration |
registry | Registry | Yes | - | Container registry configuration for pulling images |
gateway | GatewaySpec | Yes | - | API gateway configuration for this DataPlane |
observer | ObserverAPI | No | - | Observer API integration for monitoring and logging |
KubernetesClusterSpec
| Field | Type | Required | Default | Description |
|---|---|---|---|---|
name | string | Yes | - | Name of the Kubernetes cluster |
credentials.apiServerURL | string | Yes | - | URL of the Kubernetes API server |
credentials.caCert | string | Yes | - | Base64-encoded CA certificate |
credentials.clientCert | string | Yes | - | Base64-encoded client certificate |
credentials.clientKey | string | Yes | - | Base64-encoded client private key |
Registry
| Field | Type | Required | Default | Description |
|---|---|---|---|---|
prefix | string | Yes | - | Registry domain and namespace (e.g., docker.io/namespace) |
secretRef | string | No | "" | Name of Kubernetes Secret with registry credentials |
GatewaySpec
| Field | Type | Required | Default | Description |
|---|---|---|---|---|
publicVirtualHost | string | Yes | - | Public virtual host for external traffic |
organizationVirtualHost | string | Yes | - | Organization-specific virtual host for internal traffic |
ObserverAPI
| Field | Type | Required | Default | Description |
|---|---|---|---|---|
url | string | Yes | - | Base URL of the Observer API |
authentication.basicAuth.username | string | Yes | - | Username for basic authentication |
authentication.basicAuth.password | string | Yes | - | Password for basic authentication |
Status Fields
| Field | Type | Default | Description |
|---|---|---|---|
observedGeneration | integer | 0 | The generation observed by the controller |
conditions | []Condition | [] | Standard Kubernetes conditions tracking the DataPlane state |
Condition Types
Common condition types for DataPlane resources:
Ready- Indicates if the DataPlane is ready to accept workloadsConnected- Indicates if connection to the target cluster is establishedGatewayProvisioned- Indicates if the gateway has been configured
Examples
Basic DataPlane
apiVersion: openchoreo.dev/v1alpha1
kind: DataPlane
metadata:
name: production-dataplane
namespace: default
spec:
kubernetesCluster:
name: production-cluster
credentials:
apiServerURL: https://k8s-api.example.com:6443
caCert: LS0tLS1CRUdJTi... # Base64-encoded CA cert
clientCert: LS0tLS1CRUdJTi... # Base64-encoded client cert
clientKey: LS0tLS1CRUdJTi... # Base64-encoded client key
registry:
prefix: docker.io/myorg
secretRef: registry-credentials
gateway:
publicVirtualHost: api.example.com
organizationVirtualHost: internal.example.com
observer:
url: https://observer.example.com
authentication:
basicAuth:
username: admin
password: secretpassword
Annotations
DataPlanes support the following annotations:
| Annotation | Description |
|---|---|
openchoreo.dev/display-name | Human-readable name for UI display |
openchoreo.dev/description | Detailed description of the DataPlane |
Related Resources
- Environment - Runtime environments deployed on DataPlanes
- Organization - Contains DataPlane definitions
- Project - Applications deployed to DataPlanes