Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Namespace selected via selector #3247

Open
Allure996 opened this issue Jun 21, 2023 · 4 comments
Open

Namespace selected via selector #3247

Allure996 opened this issue Jun 21, 2023 · 4 comments
Assignees
@thallgren
Labels
feature New feature or enhancement request

Comments

@Allure996
Copy link

Please describe your use case / problem.
I set up a namespace-scoped traffic-manager, by inserting all the names of the namespace in which I wanted it to have permissions (same for clientsRbac)
This works fine, but if I will have more namespace I will update values.yaml everytime.

Describe the solution you'd like
Since the namespaces in my clusters have common labels, it would be nice to allow us to select namespaces using selectors.

Describe alternatives you've considered

Versions (please complete the following information)

Client         : v2.13.1
Root Daemon    : v2.13.1
User Daemon    : v2.13.1
Traffic Manager: v2.14.0
  • Kubernetes Environment and Version: 1.24
@cindymullins-dw cindymullins-dw added the feature New feature or enhancement request label Jul 1, 2023
@cindymullins-dw
Copy link
Collaborator

cindymullins-dw commented Jul 1, 2023
edited
Loading

@Allure996 , you might check the docs note here and see if it covers your use case. If not, we'll leave this as a feature request.

@github-actions GitHub Actions
Copy link

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment, or this will be closed in 7 days.

@github-actions github-actions bot added the stale Issue is stale and will be closed label Aug 16, 2024
@thallgren thallgren removed the stale Issue is stale and will be closed label Aug 19, 2024
@nurbek-workfindme
Copy link

This is a needed feature. Providing list of namespaces is not flexible enough when working with preview environments that are created and removed frequently. There should be either namespace selector or config that accepts regex for namespace names.

For example with this config:

namespaces: 'sbx-.*'

I want following namespaces to be selected as connectable:

sbx-one, sbx-two

@thallgren thallgren self-assigned this Dec 13, 2024
@thallgren
Copy link
Member

thallgren commented Dec 13, 2024
edited
Loading

Suggested implementation:

  1. The current managerRbac.namespaces setting remains. It must list names verbatim.
  2. A new top-level namespaces list is introduced, deprecating the managerRbac.namespaces.
  3. An entry in the namespaces list entry can either be name, a regular expression, or a selector in the form of an object.
  4. The final list of managed namespaces will consist of all entries in the deprecated managerRbac.namespaces, the names in the list, all existing namespaces matching a regular expression or has a metadata.labels set that matches a selector.
  5. Unless the final list is empty, the managerRbac.namespaced is implied.
  6. The current clientRbac.namespaced and clientRbac.namespaces will no longer be used.

When new namespaces arrive, it will be necessary to do a helm upgrade, because those namespaces must be added, not only to the traffic-manager's environment, but also the mutating webhook's namespaceSelector.

@Allure996, @nurbek-workfindme, does this proposal cover your needs?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@thallgren thallgren

Labels
feature New feature or enhancement request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@thallgren @cindymullins-dw @Allure996 @nurbek-workfindme