kudo icon indicating copy to clipboard operation
kudo copied to clipboard

Published 20 hours ago verified publisher icon kudobuilder

KUDO CRDs are all Namespace scoped

Open jbarrick-mesosphere opened this issue 5 years ago • 4 comments

What would you like to be added:

The Framework and FrameworkVersions CRDs are namespace scoped, which doesn't make a ton of sense as most likely FrameworkVersions should be provided to the entire cluster (whereas, Instances should be namespace scoped).

https://github.com/kudobuilder/kudo/blob/master/config/crds/kudo_v1alpha1_framework.yaml#L13

I'm not sure if there's a reason for this or if this should be a KEP, but I'll start with a ticket.

jbarrick-mesosphere avatar May 29 '19 20:05 jbarrick-mesosphere

@runyontr and I talked about this in the past and namespacing at the time made sense for a multi-tenant cluster where you may only want certain Frameworks and FrameworkVersions available to certain namespaces. Beyond that, there hasn't been a compelling reason to go either way. Would love more thoughts on that.

Probably no need for a KEP, could extend the language in KEP-9, or bolt this on to a future security/RBAC KEP and keep it as an issue for now.

gerred avatar May 29 '19 20:05 gerred

I've also written controllers before that support either namespace or cluster scoping - we could make it configurable.

jbarrick-mesosphere avatar May 29 '19 20:05 jbarrick-mesosphere

@jbarrick-mesosphere @gerred are we still looking for this?

kensipe avatar Mar 10 '20 14:03 kensipe

we could use reasons / justifications and prioritization

kensipe avatar Mar 10 '20 14:03 kensipe