-
Notifications
You must be signed in to change notification settings - Fork 225
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add RootSyncSet controller #3462
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I may be just out of the loop, but I am yet convinced on this concept at all. It's not clear to what problem it is solving. Can we get a use case description before we see code? I can't determine if this is the right approach before having a better understanding of the problem.
|
||
// RootSyncSetSpec defines the desired state of RootSyncSet | ||
type RootSyncSetSpec struct { | ||
ClusterRefs []*ClusterRef `json:"clusterRefs,omitempty"` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Embedding these directly doesn't work at scale. Are we sure we want to introduce the concept of "Cluster"?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd be fine with using "Target" instead (I think I'd personally prefer it), but I think we can iterate here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I guess this controller uses direct API access so cluster makes sense
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, it possible that this doesn't work at large scale. We can iterate on this when we get some experience with this.
// RootSyncSetSpec defines the desired state of RootSyncSet | ||
type RootSyncSetSpec struct { | ||
ClusterRefs []*ClusterRef `json:"clusterRefs,omitempty"` | ||
Template *RootSyncInfo `json:"template,omitempty"` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So we expect no variation between clusters?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As I understand the plan, we're starting here and then going to figure out what variation we need.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, no variation is a starting point. We know that for some (maybe many or all) cases we do need more than this.
dde95cb
to
ccbf356
Compare
ccbf356
to
47a21ea
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Awesome - lgtm!
/approve |
This adds the RootSyncSet controller to porch. This also copies code for token exchange to support workload identity from
pkg/registry/porch/wi
topkg/tokenexchange
.This builds on #3456, so it must be merged after.