XML

Word

Printable

Type: Story
Resolution: Done
Priority: Major
Fix Version/s: Primaza 0.1
Affects Version/s: None
Component/s: Service Binding
Labels:
None

Story Points:
5
Blocked:
False
Blocked Reason:
None
Ready:
False
Epic Link:
Register Primaza Clusters
Git Pull Request:
https://github.com/primaza/primaza/pull/115, https://github.com/primaza/primaza/pull/132, https://github.com/primaza/primaza/pull/181, https://github.com/primaza/primaza/pull/128
Intelligence Requested:
Market:

Sprint:
AppSvc Sprint 236, AppSvc Sprint 237, AppSvc Sprint 238

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

Owner: Architect:

Francesco Ilario

Story (Required)

As a Primaza Administrator,
I would like to have consistent names for Primaza's resources
So that I can support multi-tenancy

Background (Required)

As defined in the Primaza architecture document, we need to support multi-tenancy.

See epic for arch document link.

Glossary

See glossary in architecture document

Out of scope

Use primazactl in BDD tests

In Scope

Update BDD Tests
Update Service Agent Manifests
Update Application Agent Manifests
Update Primaza Manifests
Update Make files

Approach(Required)

Names for Application and Service namespaces, and Primaza Control Plane should be updated as follows:

Application Namespaces
- Service Account: primaza-agent-app
- Leader Election Role: pmz:app:leader-election
- Leader Election RoleBinding: pmz:app:leader-election
- Manager Role: pmz:app:manager
- Manager RoleBinding: pmz:app:manager
- Agent's Deployment: primaza-agent-app
- Kubeconfig Secret: kubeconfig-primaza-app
- Primaza's Role: pmz:controlplane:app
- Primaza's RoleBinding: pmz:controlplane:app
Service Namespaces
- Service Account: primaza-agent-svc
- Leader Election Role: pmz:svc:leader-election
- Leader Election RoleBinding: pmz:svc:leader-election
- Manager Role: pmz:svc:manager
- Manager RoleBinding: pmz:svc:manager
- Agent's Deployment: primaza-agent-svc
- Kubeconfig Secret: kubeconfig-primaza-svc-[counter]
- Primaza's Role: pmz:controlplane:svc
- Primaza's RoleBinding: pmz:controlplane:svc
Worker Cluster
- ClusterEnvironment's Service Account in kube-system: pmz-[tenant]-[cluster environment name]
- Access Token Secret for ClusterEnvironment's Service Account in kube-system: tkn-pmz-[tenant]-[cluster environment name]
Primaza Control Plane
- Primaza's namespace is named after the tenant
- Application Agent's Service Account: app-[cluster environment name]-[namespace]
- Access Token Secret for Application Agent's Service Account: tkn-app-[cluster environment name]-[namespace]
- Service Agent's Service Account: svc-[cluster environment name]-[namespace]
- Access Token Secret for Service Agent's Service Account: tkn-svc-[cluster environment name]-[namespace]
- Application Agent Role: agentapp
- Service Agent Role: agentsvc
- RoleBinding between Service Agent Service Account and Service Agent Role: svcagent-[cluster environment name]-[namespace]
- RoleBinding between Application Agent Service Account and Application Agent Role: appagent-[cluster environment name]-[namespace]

Demo requirements(Required)

Run a multi-cluster environment with two primaza tenants and show resources

Dependencies

Edge Case

BDD Tests

Acceptance Criteria

Development
new naming convention is applied to primaza resources

Docs
There is a page in our docs dedicated to explaining the naming convention
Update architecture document with any changes while implementing
There is a link in our main readme to the naming convention page

INVEST Checklist

Dependencies identified
Blockers noted and expected delivery timelines set
Design is implementable
Acceptance criteria agreed upon
Story estimated

Legend

Unknown
Verified
Unsatisfied

is related to

APPSVC-1328 Primazactl: updates for new naming convention

Closed

Assignee:: Francesco Ilario

Reporter:: Francesco Ilario

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2023/04/18 8:34 AM

Updated:: 2023/05/30 11:48 AM

Resolved:: 2023/05/30 11:48 AM

Details

Description