Namespace-scoped Queues and Numatopologies resources
What would you like to be added:
Currently both Queues and Numatopologies are defined as cluster-scoped resources:
- https://github.com/volcano-sh/volcano/blob/74b211451dbc16618bfd2d51a7288f0c0268551f/config/crd/v1beta1/scheduling.volcano.sh_queues.yaml#L20
- https://github.com/volcano-sh/volcano/blob/74b211451dbc16618bfd2d51a7288f0c0268551f/config/crd/v1beta1/nodeinfo.volcano.sh_numatopologies.yaml#L19
What is the reason for that? Would it be possible to make them namespace-scoped?
Why is this needed:
The use-case we have is that we operate a multi-tenant cluster with multiple teams using different Volcano queues. We want to put in place RBAC with least-privilege access so that each team can only touch the queues they own.
All of our access-control is currently based on Kubernetes namespaces with each team owning resources in their individual namespaces. With cluster-scoped resources, this model is hard to maintain since we are only able to reference the queues by name in the ClusterRoles we create (docs) which doesn't scale very well.
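For reference, the per-team pattern described above looks roughly like the following with Queues as a cluster-scoped resource. This is an added example, not part of the original issue or the Volcano project; the queue names, role names and the `team-a` group are constructed for illustration.

```yaml
# Added example: one ClusterRole + ClusterRoleBinding per team, pinned to
# that team's queues via resourceNames. All names below are constructed.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: team-a-queues            # hypothetical name
rules:
  - apiGroups: ["scheduling.volcano.sh"]
    resources: ["queues"]
    # Every queue the team owns must be listed here and kept in sync by hand.
    resourceNames: ["team-a-batch", "team-a-interactive"]
    # Kubernetes RBAC cannot restrict `create` or `deletecollection` by
    # resourceNames, so those verbs are left out: granting them here would
    # apply to all queues. `list`/`watch` are only limited by resourceNames
    # when the client sends a metadata.name field selector, so they are
    # omitted as well.
    verbs: ["get", "update", "patch", "delete"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: team-a-queues            # hypothetical name
subjects:
  - kind: Group
    name: team-a                 # constructed group name
    apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: ClusterRole
  name: team-a-queues
  apiGroup: rbac.authorization.k8s.io
```

Each additional team or queue needs its own entry or role, and queue creation has to be handled by a separate, more privileged identity, which is the maintenance cost the issue refers to.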