mnkg561
commented
4 years ago K8s native implementation for BYOC is done as part of https://github.com/keikoproj/manager/pull/8
Open mnkg561 opened 4 years ago
mnkg561
commented
4 years ago K8s native implementation for BYOC is done as part of https://github.com/keikoproj/manager/pull/8
Is this a BUG REPORT or FEATURE REQUEST?: FEATURE REQUEST
What happened: To communicate with target clusters, control plane cluster must have credentials to access managed clusters. As we have taken conscious decision to not to get into cluster creation as part of this project, we need to establish a pattern to provide managed cluster access information to the control plane cluster.
So, As part of Bring Your Own Cluster (BYOC) approach, we should provide multiple options
We should support Kubernetes native way in first release and can support cloud native ways in future releases.
What you expected to happen: It should be as simple as running a cli command on the managed cluster to create ServiceAccount, Role and RoleBinding and can extract secret information which can be presented to the "manager" as part of custom resource.
How to reproduce it (as minimally and precisely as possible):
Anything else we need to know?: If we think about it now, we might not need cluster controller as it is not creating but CRD should be sufficient. May be we just use that secret and create a dummy namespace as part of the controller reconciliation and see if that access works?
Environment:
Other debugging information (if applicable):
$ kubectl logs