Uploaded image for project: 'Red Hat Advanced Cluster Security'
  1. Red Hat Advanced Cluster Security
  2. ROX-30242

Configurable Ephemeral Storage for ACS Sensor

XMLWordPrintable

    • Icon: Feature Feature
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • None
    • None
    • None
    • Product / Portfolio Work
    • False
    • Hide

      None

      Show
      None
    • False
    • Not Selected

      Enable customers to configure generic ephemeral volumes for RHACS sensors through the SecuredCluster CR, providing better storage management and resource utilization in GitOps environments.

      Description:

      Currently, the RHACS sensor pod uses emptyDir for ephemeral storage, which can lead to high storage utilization on nodes (observed at 184MB). Customers need the ability to configure generic ephemeral volumes through the SecuredCluster custom resource when using GitOps deployment methods, rather than directly modifying pod or deployment configurations.

      Goals and expected user outcomes:

      Primary users: Platform Engineers and Security Teams managing RHACS through GitOps

      Expected outcomes:

      • Ability to configure generic ephemeral volumes through SecuredCluster CR
      • Better control over sensor storage allocation
      • Reduced node storage pressure
      • Improved compatibility with GitOps workflows
      • Consistent storage management across cluster fleet

      Acceptance Criteria:

      1. Technical Requirements:

      • Add support for generic ephemeral volume configuration in SecuredCluster CR
      • Maintain backward compatibility with existing deployments
      • Support standard storage class configurations
      • Enable storage resource limits and requests specification

      2. Functional Requirements:

      • Allow specification of volume size
      • Support storage class selection
      • Enable access mode configuration
      • Preserve existing sensor functionality

      3. Non-functional Requirements:

      • Security: Maintain existing security context and permissions
      • Performance: No degradation in sensor performance
      • Reliability: Ensure stable storage operations
      • Maintainability: Clear documentation and upgrade path
      • Scalability: Support for multi-cluster deployments
      • Usability: Simple configuration syntax in SecuredCluster CR

      Success Criteria or KPIs measured:

      1. Technical Metrics:

      • Zero regression in sensor functionality
      • Successful deployment across different storage classes
      • Proper cleanup of resources when pods are terminated

      2. Operational Metrics:

      • Reduced number of storage-related alerts
      • Decreased node storage pressure
      • Improved storage utilization efficiency

      3. User Experience Metrics:

      • Successful GitOps deployments using new configuration
      • Reduced manual intervention in storage management
      • Positive feedback from GitOps users

              saledort@redhat.com Sabina Aledort
              saledort@redhat.com Sabina Aledort
              Sabina Aledort Sabina Aledort
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: