-
We anticipate the need for users to dedicate nodes to control planes for various reasons (e.g. https://github.com/openshift/hypershift/issues/237 regarding noisy neighbors, resource requirements, etc.…
-
Currently the Openshift API Server has no access to in cluster webhooks. This means if someone creates a webhook on a resource processed by the openshift apiserver the openshift apiserver will crash.
…
-
We anticipate the desire for colocation of control plane components to limit the impact of cross-node issues, optimize the communications paths between components, etc (see https://github.com/openshif…
-
Within a hypershift control plane certain workloads can vary in resource requirements depending on the size/usage of the guest cluster that they are hosting. Particularly, these can be:
1. Etcd
2. K…
-
Specific section of config is here:
https://github.com/openshift/hypershift/blob/73da1bc576c46d5a45f440a79b3b17717f5a3243/control-plane-operator/controllers/hostedcontrolplane/assets/kube-apiserver/c…
-
I do not believe we want to rely on logs/exec in critical operations for reliability purposes. Currently it is a requirement for the imageLookup pod:
https://github.com/openshift/hypershift/blob/fec5…
-
We need to ensure all components are built in a FIPS enabled way (with go-toolset) and that there is a path to enable FIPS in RHCOS workers (already a field in the machine config).
One downstream …
-
Currently: a unique Machine Config Server is added for every NodePool in hypershift. That requires a unique nodePort or route for every node pool created in the cluster and a unique deployment in ever…
-
We need to be able to specify pod affinity rules based off a given clusterID to ensure various master components prefer to run colocated on a given node in a given zone. This helps isolate the affect …
-
There is a use case in which a customer may want to bring their own etcd instance managed in their own desired way outside of hypershift (database provider, etc). In order for hypershift to support th…