Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Feature] Allow change of proxy connectivity after deployment of AKSEE #202

Open
scholz opened this issue Sep 24, 2024 · 3 comments
Open
Labels
enhancement New feature or request

Comments

@scholz
Copy link

scholz commented Sep 24, 2024

Is your feature request related to a problem? Please describe.
Yes, the request is directly linked to a AKSEE-based product delivery challenge as follows: We are working for a large customer who is building appliances of which an essential part is an industry PC (IPC). Today, core parts of the product run on the IPC as docker containers. In the very near future, these containers should be pods running in AKSEE. However, this is where we meet a challenge today: in the current production process the IPC is installed completely at the factory (e.g. usb stick iso): this includes the native windows apps but also the containers. In order to comply with our customers' processes, we would like to mimic this behavior with AKSEE. Hence, this would mean: (1) deploy AKSEE during install at the factory and (2) deploy workloads also at the factory then ship to customer. However, since connection details (PROXY) are different at the customer and at the production facility this approach fails today.

  • NOTE1: of course, also the AKSEE ip range settings would be a problem here, but we would take the "risk" (inform customer up front) to set this to a fixed localnet range similar to what docker is doing with its default range 172.16.0.0/16).
  • NOTE2: today the product cannot make use of remote orchestration and is using an alternative (offline) approach to update containers; while this will change in the long-term it means that we cannot simply pull images from arbitrary registries but must rely on offline loading of pods (this is relevant in the context of the described alternatives below)

Describe the solution you'd like
We would like an extension of AKSEE Powershell or AKS-Edge AIDE functions to modify the proxy settings of AKSEE after deployment.

Describe alternatives you've considered

  • We could deploy at the customer (and configure connectivity) but:
    • it will prolong the installation process significantly (making it more expensive and error prone)
    • require that during initial install (usb stick) the containers are "parked" somewhere and then only installed when AKSEE is ready (breaking a onestep solution into at least two steps); this is due to fact that we cannot allow registry downloads at this point and need to bring everything along (see above)
    • make installation much more complex e.g. because certain components needed during setup at customer are pods which are only available after aksee is deployed
  • Another option would be the manipulation of the config & env files directly in Mariner, but
    we would rather prefer to use official and esp. supported solutions

Additional context
See above

@ivanthelad
Copy link

the documentation from kk3s implies this is possible post installation
https://docs.k3s.io/advanced#configuring-an-http-proxy
"Of course, you can also configure the proxy by editing these files."

Any pws function should just modify these attributes

@scholz
Copy link
Author

scholz commented Oct 2, 2024

Hi @ivanthelad : thank you for your reply and the link. We are looking into it from our side, but as written above would prefer an official solution where we can be sure that it will also work in the future. Also: can you confirm that modifying the k3s env should also be sufficient for the arc kubernetes agent to connect through the proxy?

@ivanthelad
Copy link

@parameshbabu can you comment here

@parameshbabu parameshbabu added the enhancement New feature or request label Dec 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

No branches or pull requests

3 participants