-
Notifications
You must be signed in to change notification settings - Fork 14
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: add support to multiple schemas and the new KFDDistribution
schema
#95
Conversation
545f3b1
to
43ff647
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some little changes
We should also change the behaviour with the certManager setting in the ingress module Instead of nginx:
# the tls section defines how the tls for the ingresses should be managed
tls:
# provider can be certManager, secret
provider: certManager
certManager:
# the configuration for the clusterIssuer that will be created
clusterIssuer:
# the name of the clusterIssuer
name: letsencrypt-fury
# the email used during issuing procedures
email: example@sighup.io
# the type of the clusterIssuer, can be only http01, dns01 integration is not yet supported
type: http01 We should swap type with solvers to make the user free to define the configuration nginx:
# the tls section defines how the tls for the ingresses should be managed
tls:
# provider can be certManager, secret
provider: certManager
certManager:
# the configuration for the clusterIssuer that will be created
clusterIssuer:
# the name of the clusterIssuer
name: letsencrypt-fury
# the email used during issuing procedures
email: example@sighup.io
# solvers definition
solvers: [] |
While analyzing the current state of the distro provider together with @smerlos and @Deepzima , we found some additions that are nice to have: On the distribution side, we have the need to enable or disable stuff, but instead of going to the correct approach modules:
networking:
type: none|calico|cilium
calico:
podCidr:
cilium:
podCidr:
nodeNetmask:
ingress:
nginx:
type: none|single|dual
monitoring:
# cannot be disabled
logging:
type: none|opensearch-single|opensearch-triple|loki
auth:
provider:
type: none|basicAuth|sso
dr:
type: none|on-premises|eks
policy:
type: none|gatekeeper Let's explain:
PS: This applies also to EKS |
a0134ae
to
b1fb936
Compare
Opened a related issue: #105 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Given the new defaults folder, we should delete the file furyctl-defaults.yaml
017fd89
to
3be9645
Compare
a21cc2e
to
72e19f6
Compare
2df6e81
to
006a3bd
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I left minor comments, LGTM
templates/distribution/manifests/networking/kustomization.yaml.tpl
Outdated
Show resolved
Hide resolved
templates/distribution/manifests/networking/patches/infra-nodes-distro-cilium.yaml.tpl
Outdated
Show resolved
Hide resolved
… in the case of distroprovider with networking type calico, add toleration NoSchedule to tigera operator
Closes #96.
Based on
example/new-schema-version
branch