I'm always curious of the use cases for something like this.<p>We manage multiple clusters but it's all done using pipelines so we don't traditionally have issues.<p>> <i>For standard tenants who run standard workloads like Deployments, it is not easy but doable. You need to use RBAC objects, Namespaces, NetworkPolicies, ResourceQuotas, PodSecurityPolicies, etc to limit&isolate the tenants.</i><p>Shouldn't you generally use those resources even if you're not on a multi-tenant platform? At a minimum namespaces to segment workloads and other objects to control security.<p>> <i>When it comes to advanced tenants who want to run their own operators with their own CRDs, it is huge pain. Kubernetes has no mechanism to isolate tenants for CRDs. Many people use a separate cluster per tenant in this case.</i><p>At this point aren't you just offering a kubernetes hosting solution?
Cool stuff, a little confused by this quote though:<p>"The ultimate goal is to be able to use multiple clusters as just compute resources like there is a single big cluster."<p>- isn't this the point of the underlying K8s nodes?