Uploaded image for project: 'Container / Cluster Management (XCM) Strategy'
  1. Container / Cluster Management (XCM) Strategy
  2. XCMSTRAT-319

ROSA: Remove or Add Additional Security Group(s) on Existing Machine Pools (Day-2)

    XMLWordPrintable

Details

    • True
    • Hide

      HyperShift project does not yet support in-place mutation of NodePool Spec.

      Show
      HyperShift project does not yet support in-place mutation of NodePool Spec.
    • False
    • 0
    • 0% 0%
    • 0

    Description

      Feature Overview (aka. Goal Summary)  

      This feature strengthens both security and AWS integration themes of ROSA service. Developers deploying workloads in ROSA service often need to connect their workloads running inside OCP to other AWS Services or applications running in other VPCs. This feature will allow cluster administrators to assign optional additional Security Groups to control plane nodes, infra nodes, and all the worker nodes of machine pools (at machine pool granularity). Following will be parts of this feature that will be delivered separately (not necessarily in the phased/ordered way)

      1. XCMSTRAT-46 : Support for creating additional Security Group IDs on day-one machine pool + Control Plane nodes + Infra nodes during ROSA Classic /OSD cluster creation
      2. XCMSTRAT-41 : Support for creating additional Security Group IDs on day-two machine pools after ROSA Classic/OSD cluster creation
      3. XCMSTRAT-319 (this): Support for changing machine pools to add/remove additional Security Group IDs on ROSA Classic/OSD cluster creation
      4. XCMSTRAT-320:: upport for Additional Security Group IDs on ROSA HCP clusters

      Goals (aka. expected user outcomes)

       

      Requirements (aka. Acceptance Criteria):

      See the above Goal entry.
      +

      Consistent UX Support for clients - ROSA CLI, OCM UI and Terraform.

      Use Cases (Optional):

      Include use case diagrams, main success scenarios, alternative flow scenarios.  Initial completion during Refinement status.

       

      Questions to Answer (Optional):

      Include a list of refinement / architectural questions that may need to be answered before coding can begin.  Initial completion during Refinement status.

       

      Out of Scope

      High-level list of items that are out of scope.  Initial completion during Refinement status.

       

      Background

      Provide any additional context is needed to frame the feature.  Initial completion during Refinement status.

       

      Customer Considerations

      Provide any additional customer-specific considerations that must be made when designing and delivering the Feature.  Initial completion during Refinement status.

       

      Documentation Considerations

      Provide information that needs to be considered and planned so that documentation will meet customer needs.  Initial completion during Refinement status.

       

      Interoperability Considerations

      Which other projects and versions in our portfolio does this feature impact?  What interoperability test scenarios should be factored by the layered products?  Initial completion during Refinement status.

       

      References:

       __  [1] Scenarios for connecting to RDS Database - https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_CommonTasks.Connect.html#CHAP_CommonTasks.Connect.ScenariosForAccess 

       [2]Controlling access to RDS instance using Security Groups - https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.RDSSecurityGroups.html 

      Attachments

        Issue Links

          is related to

          Feature - Capability or a well-defined set of functionality that delivers business value. Features can include additions or changes to existing functionality. Features can easily span multiple teams, and potentially multiple releases. XCMSTRAT-41 ROSA: Additional Security Group(s) for Optional Machine Pools (Day-2)

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Feature - Capability or a well-defined set of functionality that delivers business value. Features can include additions or changes to existing functionality. Features can easily span multiple teams, and potentially multiple releases. XCMSTRAT-46 ROSA: Additional Security Group(s) during Cluster Creation (Day-1)

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed
          relates to

          Feature - Capability or a well-defined set of functionality that delivers business value. Features can include additions or changes to existing functionality. Features can easily span multiple teams, and potentially multiple releases. XCMSTRAT-667 ROSA HCP: UI for Additional Security Groups on CREATE MACHINEPOOL

          • Minor - To be worked after urgent, high, and medium priorities are resolved. This term is chosen when the severity of the issue is low, or the complexity or effort to correct it may be higher, relatively speaking. For low priority issues, known workarounds exist or are not needed due to the trivial effort needed to address the issue.
          • Backlog

          Feature - Capability or a well-defined set of functionality that delivers business value. Features can include additions or changes to existing functionality. Features can easily span multiple teams, and potentially multiple releases. XCMSTRAT-320 ROSA HCP: Additional Security Group(s) on Machine Pools

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Closed

          Activity

            People

              rh-ee-bchandra Balachandran Chandrasekaran
              rh-ee-adejong Aaren de Jong
              Aaren de Jong, Balachandran Chandrasekaran
              Xue Li Xue Li
              Andrew Jones Andrew Jones
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated: