-
Notifications
You must be signed in to change notification settings - Fork 870
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Umbrella] standardize the naming of karmada secrets across different installation methods #5363
Comments
/assign chaosi-zju |
Hi @liangyuanpeng @prodanlabs @lonelyCZ @calvin0327 @zhzhuang-zju @pidb here Karmada has following secrets mounted by each components: I want to unifiy
do you have any advice on it? do you have any more suitable naming? or if you agree on this, please let me known~ thank you all~ |
aggree, sometimes users may combine various installation methods to install Karmada, and unifying these naming is meaningful. |
Could we select the naming of one installation method as the standard? This could avoid having to change the secret name for each installation method. |
I think no one is good enough. I am even considering rename the |
These two certificate names are quite confusing. We could rename them to follow the naming convention used for etcd certificates, like |
What would you like to be added:
standardize the naming of karmada secrets across different installation methods.
Why is this needed:
In karmada, here are two important secrets, which is mount by most karmada components. One is
karmada-cert
, which contains a series of cert files likeca.crt
,apiserver.crt
and so on; another iskarmada-kubeconfig
, which contains a kubeconfig of karmada-apiserver.However, in different installation methods, we used inconsistent secret naming or file path naming, which can potentially cause some unnecessary problems, such as:
secert/karmada-cert
, is namedkarmada-cert-secret
inlocal up
method, while namedkarmada-cert
inkarmadactl
method, which potentially caused:karmada-cert
Secret When Enabling Addons Usingkarmadactl
#5345secert/karmada-cert
, ca cert file is namedca.crt
inlocal up
method, while namedserver-ca.crt
inhelm
method, which potentially caused:secert/karmada-kubeconfig
, is namedkubeconfig
inkarmadactl init
andlocal up
method, while namedkarmada-kubeconfig
inhelm
method.helm
method, if I install karmada byhelm install karmada-xxx ...
, it will create a secret namingkarmada-xxx-cert
. Then if I install the singlekarmada-scheduler-estimator
component byhelm install karmada-scheduler-estimator-xxx --set installMode=component ...
, the component will look for secret namingkarmada-scheduler-estimator-xxx-cert
, the name is inconsistent. In this case, since we cannot reuse the same.Release.Name
when executing helm install, the secret name is not advised to be prefixed with.Release.Name
.How to do
I advise to standardize the naming of these karmada secrets like below in all installation methods:
Activities
The text was updated successfully, but these errors were encountered: