-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathparam-discussion.txt
60 lines (55 loc) · 3.09 KB
/
param-discussion.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
The list below is the outcome of the scs-cluster parameter discussion that took place 04.07.2022
SCS Container parameters
========================
1. Things only needed for bootstrapping the initial cluster (which should thus be dropped)
2. Internals/Impl details that should not be exposed (and a default that is set or can be determined and works for >>90%)
3. Infra specific settings that should be generalized
4. Generic settings that should stay
5. Add-on/Opt-in services (mandatory for provider)
6. Add-on/Opt-in services (optional, but defined)
7. Advanced config
What is missing?
Current parameters in SCS ref implementation (k8s-cluster-api-provider):
---------------------------------------------------------------------------------------
Gardener approach: (https://github.com/gardener/gardener/blob/master/example/90-shoot.yaml)
cloudProfileName --> Definition of the cloud
secretBindingName --> The secret to use
CloudProject & Secrets best selected by namespace in management cluster (cluster-api), namespace equals cluster-name (best-practice)
Azure: https://github.com/kubernetes-sigs/cluster-api-provider-azure/blob/main/templates/cluster-template.yaml#L213-L227
Details how environments are identified are inherently different by cloud
Two parameters: Type and Credential (the latter including Project)
OPENSTACK_EXTERNAL_NETWORK_ID: (2) -> Should be auto-discovered (internet) -- only trouble is that on some clouds there are more than one external networks -> (7) advanced config
OPENSTACK_DNS_NAMESERVERS: (2) Provider should have sane defaults (either in subnet default config or in created subnet dhcp or in kubeadm)
Need to support multiple zones with one cluster => Move parameter into a per MachineDeployment parameter (and an array for the control plane)
MTU_VALUE: (2) AUTODETECT! Specific cluster-stack for Jumbo frames ... not available on all providers. (Fallback options?)
NODE_CIDR: (7) - might want to use IPv6
USE_CILIUM: (2) -> could create separate cluster stacks
OPENSTACK_IMAGE_NAME: (2)
OPENSTACK_IMAGE_RAW: (2) cloud provider to chose
OPENSTACK_IMAGE_REGISTATION_EXTRA_FLAGS: (2)
OPENSTACK_CONTROL_PLANE_IP: (2)
OPENSTACK_SSH_KEY_NAME: (2)
CONTROL_PLANE_MACHINE_GEN: (2) Auto-generate
WORKER_MACHINE_GEN: (2) Auto-generate
OPENSTACK_ANTI_AFFINITY:
Can we mandate this always? Challenges: Some platforms may not have soft-anti-affinity and run out of hosts.
Default to on, can be disabled per machine deployment WORKER.DISABLE_ANTIAFFINITY (can be safely ignored by providers :-) )
OPENSTACK_SRVGRP_CONTROLLER: (2)
OPENSTACK_SRVGRP_WORKER: (2)
DEPLOY_OCCM: (2) - always on
DEPLOY_CINDERCSI: (2)
Naming standardization
Default storage class needed
Possibly more than one -- performance, encryption, ...
ETCD_PRIO_BOOST: (2) Provider defines it such that it works
ETCD_UNSAFE_FS: (2) dito
Next session
---------------
DEPLOY_METRICS: (5) Default on
DEPLOY_NGINX_INGRESS: (5) Default off?
NGINX_INGRESS_PROXY: ? (Needs analysis in ref impl.)
DEPLOY_CERT_MANAGER: (6)
DEPLOY_FLUX: (6)
(planned, but not yet implemented:)
DEPLOY_HARBOR: (6) in the future
HARBOR_PARAM1: To be determined what parameters are needed ....