search

FairwindsOps / pentagon

A framework for building repeatable, containerized, cloud-based infrastructure as code with Kubernetes.
https://www.reactiveops.com
Apache License 2.0
183 stars 25 forks source link

One IG per AZ in kops #151

Closed sudermanjr closed 5 years ago

sudermanjr commented 5 years ago

This has been our default for a while. Sets up one instance group per AZ for a kops cluster

CLAassistant commented 5 years ago

CLA assistant check
All committers have signed the CLA.

sudermanjr commented 5 years ago

Would we want to do a migration? It seems like it would require a very conscious choice from the operator to make that change and apply it to the kops cluster. Not sure if that falls under the purview of migrations, but I've also not ever written one before....

ejether commented 5 years ago

The area between "make a migration" and "enforce standards externally" is a grey one and we haven't really nailed it down. I think that any change in pentagon standards deserves a migration and things that are outside of pentagon are for external enforcement. There is certainly lots of room for discussion on this though and for halfways too. For example, the migration can make the changes and the user can reject them by not merging the migration branch then the external audit tooling can nag them about it forever more.

I don't think that discussion should be a blocker for this issue but I think it will be a good thing to settle before a new release is cut so we can add a migration if the discussion falls that way.

sudermanjr commented 5 years ago

That seems fine to me. I can stall this PR if you want me to add a migration, or we can merge this and I can add a migration. I also don't want to block any releases that might happen before I have time to write a migration

ejether commented 5 years ago

Merge this and create a new issue for a migration please. We can hold the migration discussion on that issue.

EJ Etherington Chief Technical Officer ReactiveOps.com ej@reactiveops.com

On Nov 19, 2018, at 8:22 AM, Andrew Suderman notifications@github.com wrote:

That seems fine to me. I can stall this PR if you want me to add a migration, or we can merge this and I can add a migration. I also don't want to block any releases that might happen before I have time to write a migration

— You are receiving this because your review was requested. Reply to this email directly, view it on GitHub https://github.com/reactiveops/pentagon/pull/151#issuecomment-439952277, or mute the thread https://github.com/notifications/unsubscribe-auth/AAp5zBq8SDJzIe0iS7-xlusd4HPpMFJzks5uwtrFgaJpZM4YVhF5.