-
Task
-
Resolution: Done
-
Minor
-
None
-
8
-
False
-
False
-
Documentation (Ref Guide, User Guide, etc.), Release Notes, User Experience
Currently, Service Mesh supports a multi-tenant topology to support multiple service mesh control planes operating within a single cluster.
While this enables a single cluster to support multiple teams - or tenants, with each tenant having network isolation, in the case where a cluster is to be used on a single mesh with many namespaces, it can make configuration difficult as the service mesh member role (SMMR) must now contain a list of all namespaces in the cluster. This can be a very large list - several hundred namespaces.
The challenge with a large SMMR is not just administrative, but it means that our control plane must reconcile configuration across hundreds of namespaces, creating an explosion of complexity. This can impact the performance of reconciliation, and potentially for the mesh itself.
This is also a significant divergence from upstream - which only supports a cluster wide install. We have seen that many of our customers have no intention of using service mesh in a multi-tenant manner and would be satisfied with a cluster-wide installation.
This EPIC is to start collecting information on a cluster-wide option for OSSM. Customers would still have the multi-tenant option.
Docs
Document how to use OSSM in cluster-wide configuration; consider how to restructure the docs to accommodate both scenarios.