Uploaded image for project: 'OpenShift Workloads'
  1. OpenShift Workloads
  2. WRKLDS-1192

OSSO: Deploy a sidecar container managing lifecycle of extra resources

XMLWordPrintable

    • Icon: Epic Epic
    • Resolution: Unresolved
    • Icon: Minor Minor
    • None
    • None
    • OSSO: Deploy a sidecar container managing lifecycle of extra resources
    • False
    • None
    • False
    • Not Selected
    • To Do
    • 100% To Do, 0% In Progress, 0% Done
    • M

      Epic Goal*

      What is our purpose in implementing this?  What new capability will be available to customers?

      A secondary scheduler (built on top of the upstream scheduling framework) can be extended with various plugins. Each plugin may require a different rbac rules set and extra resources (e.g. CRDs) which are not installed by default through the secondary scheduler operator.

      Running a sidecar container next to the operator can simplify delivery of extra resources and reduce the overall maintenance cost. Also, helping to make a clear distinction in ownership and accountability between default resources own by OSSO and extra resources owned by third parties.
       
      Why is this important? (mandatory)

      What are the benefits to the customer or Red Hat?   Does it improve security, performance, supportability, etc?  Why is work a priority?

      Simplification of delivery of extra scheduling plugin resources.
       
      Scenarios (mandatory) 

      Provide details for user scenarios including actions to be performed, platform specifications, and user personas.  

      1.  A user deploying a secondary scheduled with custom plugins requiring non-default manifests (e.g. CRDs).

       Dependencies (internal and external) (mandatory)

      What items must be delivered by other teams/groups to enable delivery of this epic. 

      The workloads team needs to extend the OSSO API to render an extra sidecar container in the operator deployment. Plus, introduce a new documentation describing the steps and ownership.

      Contributing Teams(and contacts) (mandatory) 

      Our expectation is that teams would modify the list below to fit the epic. Some epics may not need all the default groups but what is included here should accurately reflect who will be involved in delivering the epic.

      • Development - workloads team
      • Documentation - docs team
      • QE - workloads qe team
      • PX - 
      • Others -

      Acceptance Criteria (optional)

      Provide some (testable) examples of how we will know if we have achieved the epic goal.  

      A secondary scheduler with non-default/extra resources get installed and is capable of scheduling pods through the custom plugins requiring the extra resources.

      Drawbacks or Risk (optional)

      Reasons we should consider NOT doing this such as: limited audience for the feature, feature will be superseded by other work that is planned, resulting feature will introduce substantial administrative complexity or user confusion, etc.

      • If incorrectly used/misused a user can install too many additional resources and overflow the etcd database. Nevertheless, any user can already do it through invoking `oc apply/create` command.
      • An administrator is responsible for creating any additional rbac rules (and thus increasing chance of a vulnerability) needed by custom scheduling plugin. Nevertheless, any administrator with sufficient permissions can already create additional rbac rules that can lead to increasing chance of a vulnerability.

      Done - Checklist (mandatory)

      The following points apply to all epics and are what the OpenShift team believes are the minimum set of criteria that epics should meet for us to consider them potentially shippable. We request that epic owners modify this list to reflect the work to be completed in order to produce something that is potentially shippable.

      • CI Testing -  Basic e2e automationTests are merged and completing successfully
      • Documentation - Content development is complete.
      • QE - Test scenarios are written and executed successfully.
      • Technical Enablement - Slides are complete (if requested by PLM)
      • Engineering Stories Merged
      • All associated work items with the Epic are closed
      • Epic status should be "Release Pending" 

              Unassigned Unassigned
              jchaloup@redhat.com Jan Chaloupka
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: