Uploaded image for project: 'Project Quay'
  1. Project Quay
  2. PROJQUAY-2110

Quay Operator supports advanced Clair configuration

    XMLWordPrintable

Details

    • Quay Operator supports advanced Clair configuration
    • False
    • False
    • Green
    • To Do
    • 100
    • 100% 100%
    • Undefined
    • 0

    Description

      Epic Goal

      • Customers can disable certain or all updaters in Clair in disconnected environments
      • Customers can leverage Clair in a geo-replication setup via the Operator where the database is centralized and a global load balancer is used which FQDN is different from the cluster-level routes for Clair
      • Customers can override the default volume size for the Postgres Database

      Why is this important?

      • The Quay Operator currently deploys Clair in a very opinionated way where the database is always local but in geo-replication Clair should use a central database
      • The Quay Operator currently does not allow adjusting the Clair config in any way at all, which is needed for Clair to work correctly in disconnected environments where all remote update sources are unavailable

      Scenarios

      1. A Quay administrator can configure the updater set of Clair via the Operator
      2. A Quay administrator can configure the database connection string via the Operator
      3. A Quay administrator can configure a set of custom certificates into the Clair deployment to support internal HTTPS proxies
      4. A Quay administrator can override/ or resize (increase) the size and storage class of the Postgres Database PVC
      5. A Quay administrator can use a different FQDN for Clair than that of the Route so that they leverage a global load balancing mechanism fronting different clusters running Clair

      Acceptance Criteria

      • All scenarios above must be fulfilled via the Operator
      • CI - MUST be running successfully with tests automated
      • Release Technical Enablement - Provide necessary release enablement details and documents.
      • Downstream documentation how to deploy Clair via the Operator geo-replication or disconnected environments

      Open questions:

      1. What is faster? Implementing this change or writing a Clair Operator that has this level of customization?
      2. Should we support adding a custom clair config referenced by the QuayRegistry CR and process it in sync with the rest of the managed components like we do today with the Quay config bundle?

      Done Checklist

      • CI - CI is running, tests are automated and merged.
      • Release Enablement <link to Feature Enablement Presentation>
      • DEV - Upstream code and tests merged: <link to meaningful PR or GitHub Issue>
      • DEV - Upstream documentation merged: <link to meaningful PR or GitHub Issue>
      • DEV - Downstream build attached to advisory: <link to errata>
      • QE - Test plans in Polarion: <link or reference to Polarion>
      • QE - Automated tests merged: <link or reference to automated tests>
      • DOC - Downstream documentation merged: <link to meaningful PR>

      Attachments

        Issue Links

          blocks

          Epic - Created by Jira Software - do not edit or delete. Issue type for a big user story that needs to be broken down. PROJQUAY-2504 Quay Operator supports geo-replication

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Closed
          is duplicated by

          Feature - Capability or a well-defined set of functionality that delivers business value. Features can include additions or changes to existing functionality. Features can easily span multiple teams, and potentially multiple releases. PROJQUAY-2128 Make Clair DB connection string configurable when deployed via the Operator

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed
          relates to

          Story - Created by Jira Software - do not edit or delete. Issue type for a user story. PROJQUAY-1696 Allow Clair's database to be unmanaged

          • Critical - To be worked on immediately following BLOCKER issues.
          • Closed

          Task - Represents a small unit of work that is not end-user facing. PROJQUAY-3225 DOCS Quay Operator supports advanced Clair configuration

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              rmarasch@redhat.com Ricardo Maraschini (Inactive)
              DanielMesser Daniel Messer
              luffy zhang luffy zhang
              Votes:
              2 Vote for this issue
              Watchers:
              12 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: