Client Sidecar

In certain situations we may want to have a pod act like a peer in the Netbird network instead of exposing it through a routing peer. In these cases a Netbird client container has to be added as a sidecar to the pod.

Sidecars are appended to pods when created if they match the selector of a sidecar profile. A sidecar profile defines the configuration of the sidecar, like the setup key to be used along with other parameters. An empty selector will match with all pods in the namespace. The sidecar profile needs to be created first before any pod is created.

apiVersion: netbird.io/v1alpha1
kind: SetupKey
metadata:
  name: sidecar
  namespace: default
spec:
  name: sidecar
  ephemeral: true
---
apiVersion: netbird.io/v1alpha1
kind: SidecarProfile
metadata:
  name: test
  namespace: default
spec:
  setupKeyRef:
    name: sidecar
  podSelector:
    matchLabels:
      app: ubuntu

When a pod matching the selector is created it will receive a netbird sidecar container.

apiVersion: v1
kind: Pod
metadata:
  name: ubuntu
  namespace: default
  labels:
    app: ubuntu
spec:
  containers:
  - name: ubuntu
    image: ubuntu:latest
    command: ["sleep", "infinity"]

Once both containers have started the pod should show up like a peer in the Netbird dashboard.