Closed stefanprodan closed 9 months ago
This feature would be really useful for us, for multiple reasons. The main one being to avoid applying to the wrong context.
This seems like a really nice direction, I like the structure and the flow makes sense to me. Will have a further think on it 👍
Does this concept apply at all to flux-managed clusters? I have more or less committed down the flux path, and my naive interpretation is that this feature set wouldn't apply to my use case. Am I making the wrong conclusions? To clarify when I say feature set I am referring to any capability of Timoni to manage kubernetes objects as distinct from the notion of using timoni to build and push module artifacts.
Does this concept apply at all to flux-managed clusters?
No, if you're using Flux, then Timoni's role is limited to generating YAMLs which you would push to the registry with flux push artifact
, from there the Flux controllers running on your clusters will pull and apply the manifests.
This proposal is for improving the delivery of apps across clusters with Timoni Bundles by allowing users to define the target clusters and environments (group of clusters) in a declarative manner. Bundles will support customising the configuration of each app based on the target group of clusters and cluster name.
Current solutions
Currently, deploying apps to multiple clusters and customising the apps configuration based on the target environment is possible with Timoni Bundles and Runtime attributes.
Bundle example:
Target clusters based on exported values
To apply the bundle to all clusters, we need to export the runtime values and set the kubeconfig context for each cluster:
Target clusters based on runtime values
Another approach would be to create a
ConfigMap
in each cluster with the cluster name and group, and configure Timoni with a Runtime definition to read the values from each cluster.Runtime example:
To apply the bundle on all clusters, we no longer need to export the runtime values, but we still need to set the kubeconfig context for each cluster:
Drawbacks
The major drawback with exporting the target cluster name and group, is that these values coming from the local environment are opaque and, they can change between executions. Also, the env vars must match the kubeconfig context, users are at risc of deploying the staging configuration on the production clusters and vice versa.
While querying the cluster for the name and group is way better than relying on env vars, these values must be set in each cluster ahead of time in a ConfigMap. Users many not be aware of the actual values set in the ConfigMaps, so they must run
timoni runtime build
for each cluster to check the values are correct. Also, any changes to the ConfigMaps, like renaming a cluster or moving a cluster to a different group, must be kept in sync with the conditions in the Bundle.The major drawback of both approaches, is that we need to run the
timoni bundle apply
command for each cluster while passing the right--kube-context
argument. When deploying to a large fleet of clusters, having to run dozens commands requires some sorts of scripting on top of Timoni CLI, which increases the complexity and is error-prone.Proposed solution
To improve the multi-cluster deployment capabilities, the Runtime API could be extended to allow users to set the target clusters in a declarative manner.
Runtime clusters example:
To apply the bundle on all clusters, users will run a single command:
With
--runtime-cluster="*"
, Timoni will apply the bundle on each cluster, in the order defined in the Runtime definition. If the apply fails on a staging cluster, Timoni will stop the execution and not continue with production.Timoni will automatically set the
TIMONI_CLUSTER_NAME
andTIMONI_CLUSTER_GROUP
runtime attributes and, will change the Kubernetes context to the value specified for each cluster.To apply the bundle on production clusters only:
To preview changes without altering the clusters:
The
bundle vet
command output will change when more than one cluster is selected, so that users can review the computed bundle values for each cluster:The
bundle status
andbundle delete
commands will have a--runtime
flag. For these two commands, we only need to read theclusters
field from the runtime definition to perform the operations across clusters.When multiple cluster are selected, the
bundle build
command will print the multi-doc YAML with the cluster name under the instance name comment:All the
timoni bundle
commands will have the following common flags:--runtime
--runtime-cluster
(defaults to*
)--runtime-group
(defaults to*
)When
--runtime
is not set, or when the runtimeclusters
field is not set, theTIMONI_CLUSTER_NAME
andTIMONI_CLUSTER_GROUP
runtime attributes will be set todefault
and, thekubeContext
will default to current context or to the value set in--kube-context
flag.