fluxcd
[Question] Can multi weave flux shares the same memcached services
Hi,
I am implementing the multi-tenancy via weave flux operators. My approach is the same, a cluster repo--> a cluster flux operator, and a namespace -> a namespace flux operator.
However, given that I do not want the flux operator be able to deleted or modified by mistakes by the namespace users, i decided to put all the namespace flux operators in the namesapce flux as below:
$ kubectl get pods -n flux
NAME READY STATUS RESTARTS AGE
demo2-flux-5c5f58f547-zvjb5 1/1 Running 0 5m23s
flux-6f6d459df5-jsqld 1/1 Running 0 9h
memcached-7b4c8bd545-5ks9g 1/1 Running 0 2d8h
demo2 is the namespace name, which I use the below to get it working
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
labels:
name: demo2-flux
name: demo2-flux
namespace: demo2
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: flux
subjects:
- kind: ServiceAccount
name: demo2-flux
namespace: flux
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: Role
metadata:
labels:
name: demo2-flux-secrets
name: demo2-flux-secrets
namespace: flux
rules:
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get", "watch", "list"]
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
labels:
name: demo2-flux-secrets
name: demo2-flux-secrets
namespace: flux
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: flux
subjects:
- kind: ServiceAccount
name: demo2-flux
namespace: flux
Obviously, in this case all the flux operators are sharing with one memcached services (pod). My question is, what will be some of the considerations for working with one memcached services ?
Yes sharing the same cache is encouraged, the multi-tenancy does it here https://github.com/fluxcd/multi-tenancy/blob/master/cluster/team1/flux-patch.yaml#L12
