diff --git a/geps/x.md b/geps/gep-2014.md similarity index 88% rename from geps/x.md rename to geps/gep-2014.md index 257bcc253d..bd4d207a82 100644 --- a/geps/x.md +++ b/geps/gep-2014.md @@ -1,20 +1,24 @@ # GEP-X: Declarative Policy -* Issue: TODO +* Issue: [2014](https://github.com/kubernetes-sigs/gateway-api/issues/2014) * Status: Provisional +* Authors: [Flynn](mailto:flynn@buoyant.io); [Shane Utt](mailto:shane@konghq.com) ## Definitions -In this document we'll use `Policy` to refer to things that are specifically called policies -as well as other "MetaResources" that follow similar patterns. +In this document we'll use `policy` to refer to any resource whose purpose is +setting policy around other resources. Notably, this could include either +"policies" or "metaresources" as used in other documents: we're intentionally +using the broader scope here. -## TLDR +## tl;dr: -This proposal is a follow-up to [GEP-713 Metaresources and Policy Attachment][713] to recommend -that we specifically remove the "attachment" part of "policy attachment" in favor of something -that is declarative at the affected resource level. +This proposal is a follow-up to [GEP-713 Metaresources and Policy Attachment] +to recommend that we specifically remove the "attachment" part of "policy +attachment" in favor of something that is declarative at the affected resource +level. -[713]:https://gateway-api.sigs.k8s.io/geps/gep-713/ +[GEP-713 Metaresources and Policy Attachment]:https://gateway-api.sigs.k8s.io/geps/gep-713/ ## Goals @@ -23,6 +27,10 @@ that is declarative at the affected resource level. - Provide new semantics to incorporate `Policy` resources at the level of the `Resource` that will be affected. +## Non-Goals + +- To be clarified + ## The Problem: A Parable of Jane It's a sunny Wednesday afternoon, and the lead microservices developer for @@ -157,20 +165,26 @@ Given that the fundamental problem is that policy attachement isn't declarative as written and should be made declarative, there is only one fundamental answer: we need to modify the Kubernetes core resources to include extension points where a given object refers to its modifier, rather than -having the modifying resource try to attach to its source. This is an ugly -job, but it’s the only way to deal with this situation. +having the modifying resource try to attach to its source. (For the record, we +take no joy in this statement, but we do feel that it's the correct answer.) This GEP proposes to start this process with the Gateway API resources. +A final note: while it's important to acknowledge that policy attachment is +**not** the root cause of the application problems that Jane and Julian have +in the parable above, it's also important to recognize that policy attachment +makes understanding and fixing the problem much more difficult. That's the +primary concern behind this GEP. + ## API TODO: future iteration ## Questions and Answers -**Q**: _Why are you implying that there’s a problem with policy attachment? -Isn’t your parable really just showing us that Jane and Julian work for a -dysfunctional organization?_ +**Q**: _Isn’t your parable really just showing us that Jane and Julian work +for a dysfunctional organization, rather than showing anything wrong with +policy attachment?_ **A**: As written, Evil Genius Cupcakes is _far_ from the most dysfunctional organization I’ve seen. Jane and Julian support each other, neither casts