Control plane bootstrapping order AKA we need a run-level concept #54522

Open
@lavalamp

Description

Background:

We are adding extension mechanisms to the Kubernetes control plane, initializers and admission webhooks. If e.g. the webhooks are configured but not actually running in the cluster, then the cluster is broken until an administrator can fix it. To make it possible to avoid this situation, we're going to let the webhook be gated on a selector matching the labels on the namespace containing the item under consideration. This should make it possible to construct a set of labels on namespaces that will allow the namespaces hosting the critical webhooks to be operational when the webhooks aren't running. (I will add a link to the design when it is published.)

What we need:

We're looking for documented best practices around this. We imagined building a "run level" system in labels on namespaces out of this. A complete solution should

  • Cover how many run levels there are
  • Cover what components go in which run level
  • Analyze the functionality of the current controller-manager; it may need to be split into binaries or modes that are in different run levels
  • Draw some inspiration from Brian's layers doc.

We think cluster lifecycle SIG is probably the best place for this to be worked out.

(This is from a meeting between myself, @cheftako, @deads2k, @smarterclayton, @liggitt, @caesarxuchao, and @jagosan.)
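
One way to check a set of webhook registrations for the situation described in the issue, as an added example (not from the issue or the Kubernetes code base): it reports every webhook whose namespace selector still covers a namespace that hosts a webhook backend. The `runlevel` label key and its values, and the `Requirement` and `Webhook` types, are assumptions made for illustration.

```go
package main

import "fmt"

// Requirement models one selector expression; only In and NotIn are handled (assumed shape).
type Requirement struct {
	Key, Operator string
	Values        map[string]bool // set of label values
}

// Webhook is a hypothetical reduced view of a webhook registration.
type Webhook struct {
	Name, HostNamespace string // HostNamespace is where the webhook backend runs
	Selector            []Requirement
}

// matches reports whether labels satisfy every requirement; NotIn also matches an absent key.
func matches(sel []Requirement, labels map[string]string) bool {
	for _, r := range sel {
		if v, present := labels[r.Key]; (r.Operator == "In") != (present && r.Values[v]) {
			return false
		}
	}
	return true
}

// BootstrapConflicts lists "webhook -> namespace" pairs where a webhook gates a backend-hosting namespace.
func BootstrapConflicts(hooks []Webhook, nsLabels map[string]map[string]string) []string {
	var out []string
	seen := map[string]bool{}
	for _, h := range hooks {
		for _, host := range hooks {
			pair := h.Name + " -> " + host.HostNamespace
			if !seen[pair] && matches(h.Selector, nsLabels[host.HostNamespace]) {
				out = append(out, pair)
			}
			seen[pair] = true
		}
	}
	return out
}

func main() {
	// Constructed sample; the "runlevel" label key and its values are assumptions.
	sel := []Requirement{{Key: "runlevel", Operator: "NotIn", Values: map[string]bool{"0": true, "1": true}}}
	ns := map[string]map[string]string{"webhook-system": {"runlevel": "0"}, "policy": {}}
	hooks := []Webhook{{"image-policy", "webhook-system", sel}, {"quota-check", "policy", sel}}
	fmt.Println(BootstrapConflicts(hooks, ns))
}
```

In the sample, the unlabelled `policy` namespace is reported for both webhooks, because a `NotIn` requirement also matches a namespace that lacks the label entirely.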

Metadata

Labels

  • area/admin: Indicates an issue on admin area.
  • area/admission-control
  • area/controller-manager
  • kind/feature: Categorizes issue or PR as related to a new feature.
  • lifecycle/frozen: Indicates that an issue or PR should not be auto-closed due to staleness.
  • priority/important-longterm: Important over the long term, but may not be staffed and/or may need multiple releases to complete.
  • sig/api-machinery: Categorizes an issue or PR as relevant to SIG API Machinery.
  • sig/cluster-lifecycle: Categorizes an issue or PR as relevant to SIG Cluster Lifecycle.
