Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Managed control planes #549

Open
2 of 14 tasks
Unix4ever opened this issue Aug 14, 2024 · 2 comments
Open
2 of 14 tasks

Managed control planes #549

Unix4ever opened this issue Aug 14, 2024 · 2 comments
Labels
epic

Comments

@Unix4ever
Copy link
Member

Unix4ever commented Aug 14, 2024
edited
Loading

Tasks
Beta Give feedback
  1. create a controller for handling machine request set which is created for managed control planes #705
    Unix4ever
  2. managed control planes config patch management #725
    Unix4ever
  3. support setting machine patches in the infra provider #728
    Unix4ever
  5. support special resource operation mode in Omni which doesn't give full access to the user #550
    Unix4ever
  7. hidden infra provider support #717
  9. logging into the client's account for the users with godmode access #551
  10. filter the managed resources, not showing them to the user #594
  11. machine set node controller should support the mode which allocates machines from a specific machine request set #595
    Unix4ever
@Unix4ever Unix4ever added the epic label Aug 14, 2024
@Unix4ever
Copy link
Member Author

Unix4ever commented Aug 28, 2024
edited
Loading

Managed control planes creation flow:

  1. Create a cluster and enable a feature use managed control planes.
  2. MachineRequestsSet should be created (1 or 3 depending on the tier, we can start with 1 node).
  3. Create a controlplane MachineSet that gets the machines from the created MachineRequestSet.
  4. We should create the ConfigPatch that configures the node right for the managed mode.

Note: managed control planes should be ignored by the machine class controller, and the state validation shouldn't allow allocating the nodes if they are allocated with the readonly annotation.

Need to decide what we're going to do with the etcd backups feature for the cluster.

@Unix4ever
Copy link
Member Author

Unix4ever commented Oct 16, 2024
edited
Loading

POC UX:

  1. The POC works only with Talos 1.8.1+.
  2. Introduce a flag in Omni that will enable managed control planes support.
  3. Cluster template ConrolPlanes section gets another configuration setting:
---
kind: ControlPlane
managed:
  enabled: true
  provider: SideroLabs
  size: xs
  1. Cluster gets created with the control planes allocated in the configured infra provider for managed control planes.
  2. The user can see the created machines, can't do anything with them, can't use talosctl command against them.
  3. Kubectl get nodes will show the control planes and get pods will show the kube-system static pods.
  4. Cluster should have pre-configured config patches: kubespan, metrics endpoints. They should be read-only/hidden for the user.
  5. The POC will be a separate instance of Omni and it's whole state will be dropped after user testing.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
epic
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Unix4ever