-
I get following error when trying to deploy a hosted cluster to a region other than us-east-1.
```
$ hypershift create cluster \
> --pull-secret ~/pull-secret.txt \
> --ssh-key ~/.ssh/id_rsa…
-
We need the support to specify tolerations on the master component manifests. This allows taints to be used in the management cluster to isolate specific types of workload to help prevent certain nois…
-
We need the ability to specify resource request/limits on all master component manifests in order to allow kube to accurately schedule these components.
IBM Roks toolkit example configuration:
ht…
-
We need the ability to specify priority classes on critical master deployment manifests in order to ensure these manifests do not get evicted when the workers they are on enter disk pressure, memory p…
-
since this traffic contains customer certs we need the traffic to be encrypted on the download from the pod that is ran: right now it uses the http endpoint
-
Requirements:
- [ ] Authentication for MCO
- [ ] NodePort services in control plane
- [ ] Adopt cluster/byo etcd/pki
## Authentication for Machine Config Server:
### Current
Machine Config s…
-
We anticipate multi-zonal spread of control plane components to be a common requirement (e.g. https://github.com/openshift/hypershift/issues/227).
One approach that we think may satisfy the majorit…
-
It for the case of VPC Gen 2 is not a trivial answer to find and is not modeled in ibm-roks-toolkit.
Right now the only placed it's used is in install-config which is used by MCS. But I do not thin…
-
Currently their appears to be one spot where a "ingress-crt" used on the control plane side for it's ingress controller is also sent into a customer cluster. This provides exposure of the management c…
-
Since the machine config server has the potential to be a public endpoint and serves up cluster specific certificates and kube bootstrapping credentials we need some method to authorize access to the …