develop a router statefulset to augment or replace tunneler daemonset? #257
Description
Using the Go ziti router for tunneling instead of the C-SDK tunneler, ziti-edge-tunnel, has specific advantages but cannot be accomplished with a daemonset because routers must have a unique identity. In contrast, the existing tunneler daemonset auto-scales an array of clones sharing the same identity, one per worker node because daemonsets do not provide a way to configure unique configuration per clone. That's where a statefulset may be useful, or perhaps some other resource type.
router advantages include:
- the multiple fabric links available to each router make the edge connections it provides more fault tolerant and efficient, so it makes a lot of sense to have a router on each worker node advertising its edge listeners inside or outside the cluster, or both (one advertisement per listener)
- the router is multi-threaded
- the router can provide an IP gateway, which could enable more flexible cluster-wide proxy options involving IP routes?
- further comparison of router vs. dedicated C-SDK tunneler in Tunnel Comparison ziti-doc#383