-
Notifications
You must be signed in to change notification settings - Fork 118
use vm_extensions for cloud provider keys and iaas load balancers #296
Conversation
* canonical vm_extension names provide a consistent interface for operators to configure their cpis for cfcr support. * defining cfcr-master-network-properties gives bosh operators a place to hook up iaas-specific lb config * cloud-provider ops files can, independently of vm_type, add their own cfcr-{master,worker}-iam-properties to attach iaas+instance-specific iam privileges.
Hey cwlbraa! Thanks for submitting this pull request! I'm here to inform the recipients of the pull request that you and the commit authors have already signed the CLA. |
We have created an issue in Pivotal Tracker to manage this: https://www.pivotaltracker.com/story/show/156740949 The labels on this github issue will be updated when the story is started. |
}) | ||
|
||
It("includes load balancer configuration for iaas-based environment", func() { | ||
bash.Run("main", []string{kuboEnv}) | ||
|
||
Expect(stdout).To(gbytes.Say(" target_pool: \\(\\(master_target_pool\\)\\)")) | ||
Expect(stdout).To(gbytes.Say(" target_pool: \\(\\(cfcr_master_target_pool\\)\\)")) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
not sure about the backwards compat here
* made in conjunction with cloudfoundry-incubator/kubo-deployment#296
* made in conjunction with cloudfoundry-incubator/kubo-deployment#296
@cloudfoundry-incubator/cfcr-core can we please review this? |
@glestaris this seems like a much-needed feature, we would really like to avoid having cloud provider credentials within the worker nodes, so this seems like a perfect fit. Is this planned to be merged? |
Hi, Sorry for taking that long. We do support VM extensions now. |
Hey cfcrians!
I've been poking around in kubo-deployment for a while now and thinking about how we might be able to better use bosh across IAASes and heterogenous deployment strategies. One thing that's been a fantastic operator configuration point for cf-deployment is clever use of vm_extensions configured by operators in their cloud-configs. Some details about that can be found in On Cloud Configs.
By using vm_extensions, Operators can vertically scale
cf-deployment
instance_groups using vm_type, whilst keeping their iaas provisioned load balancer configurations, ephemeral disks, and instance iam profiles in separate vm extensions. This PR aims to bring that same flexibility to kubo-deployment.In brief:
Many of the details of this change definitely welcome discussion. One thing I flip-flopped on is whether
cfcr-master-network-properties
should be required in a cloud config or not. given that static ips are used on iaases without load balancers and that there are ways to route to kubeapis via the cf routing layer. I ended up making it required as beginner operators on public clouds might find it a bit surprising that the base manifest doesn't deploy with consistently routable kube-apiserver.Best,
Connor