GitOps sounds like it has positive benefits, ArgoCD apparently supports this with teams.. as does the core teams add on in the blueprints. But what is an example of best practices for implementing this? I've tried this with an Application Development team as well as a Platform team.. where the Latter certainly does have more permissions. However in the ArgoCD App-of-Apps example, teams are limited to their own namespace. It seems that the Platform team should be able to specify deployment namespaces so that it can provision services such as Kafka or Databases for use by the development Teams.
Use Case
Example use case: As a Platform engineer I want to setup a Kafka cluster for development teams to use. The development teams may have the ability to create topics but the overall cluster and it's management is owned by the platform team. To do this I could add an AddOn to either deploy a Strimzi Kafka Operator OR the Ack Kafka operator to be used. However how do I actually build the Kafka cluster? I could do this by deploying it through Helm in my Platform-team under App-of-Apps - but that forces it to be deployed under my team's specific namespace (team-platform). I'd like to be able to deploy it under a different namespace (either a generic Kafka ns or perhaps one more specific to the target application team). I think the key here is coming up with a compelling pattern that separates the various layers better (EKS cluster, services/databases/etc., applications).
Proposed Solution
Hopefully this could be done with careful use of current functionality and a view to what we should be able to do for GitOps.
Other Information
No response
Acknowledgements
[X] I may be able to implement this feature request
This issue has been automatically marked as stale because it has been open 60 days
with no activity. Remove stale label or comment or this issue will be closed in 10 days
Describe the feature
GitOps sounds like it has positive benefits, ArgoCD apparently supports this with teams.. as does the core teams add on in the blueprints. But what is an example of best practices for implementing this? I've tried this with an Application Development team as well as a Platform team.. where the Latter certainly does have more permissions. However in the ArgoCD App-of-Apps example, teams are limited to their own namespace. It seems that the Platform team should be able to specify deployment namespaces so that it can provision services such as Kafka or Databases for use by the development Teams.
Use Case
Example use case: As a Platform engineer I want to setup a Kafka cluster for development teams to use. The development teams may have the ability to create topics but the overall cluster and it's management is owned by the platform team. To do this I could add an AddOn to either deploy a Strimzi Kafka Operator OR the Ack Kafka operator to be used. However how do I actually build the Kafka cluster? I could do this by deploying it through Helm in my Platform-team under App-of-Apps - but that forces it to be deployed under my team's specific namespace (team-platform). I'd like to be able to deploy it under a different namespace (either a generic Kafka ns or perhaps one more specific to the target application team). I think the key here is coming up with a compelling pattern that separates the various layers better (EKS cluster, services/databases/etc., applications).
Proposed Solution
Hopefully this could be done with careful use of current functionality and a view to what we should be able to do for GitOps.
Other Information
No response
Acknowledgements
CDK version used
2.115.0 (build 58027ee)
EKS Blueprints Version
1.13.1
Node.js Version
v20.11.0
Environment details (OS name and version, etc.)
Windows Powershell