Closed christopherhein closed 2 years ago
The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs.
This bot triages issues and PRs according to the following rules:
lifecycle/stale
is appliedlifecycle/stale
was applied, lifecycle/rotten
is appliedlifecycle/rotten
was applied, the issue is closedYou can:
/remove-lifecycle stale
/lifecycle rotten
/close
Please send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle stale
/lifecycle frozen
/close
@christopherhein: Closing this issue.
User Story
As an operator I would like to deploy the vn-agent with each control plane for better identity trusting between control plane and the vn-agent.
Detailed Description
For now, the code base needs to have the CN set to the name of the control plane namespaces in order to figure out the name of the tenant control plane to work out the prefixing - this was implemented in vc-manager and then regressed in CAPN with - https://github.com/kubernetes-sigs/cluster-api-provider-nested/pull/223 as the fix. This issue is to track how we could deploy the vn-agent 1:1 with the control plane instead of using other identity mechanisms.
Anything else you would like to add:
This will likely change the
vn-agent
deployment flow to move it out of the scope of the virtualcluster deploy and make it deployed via CAPN's cluster controller./kind feature