Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Watch Namespaces based on labels and label selectors #9274

Closed
1 of 4 tasks
DuncanDoyle opened this issue Mar 26, 2024 · 6 comments · Fixed by #10141
Closed
1 of 4 tasks

Watch Namespaces based on labels and label selectors #9274

DuncanDoyle opened this issue Mar 26, 2024 · 6 comments · Fixed by #10141
Assignees
@davidjumani
Labels
Area: API activities related to API Area: UI Area: Usability Area: UX Prioritized Indicating issue prioritized to be worked on in RFE stream release/1.17 release/1.18 Type: Enhancement New feature or request zendesk

Comments

@DuncanDoyle
Copy link
Collaborator

DuncanDoyle commented Mar 26, 2024
edited by sync-by-unito bot
Loading

Gloo Edge Product

Enterprise

Gloo Edge Version

1.16.4

Is your feature request related to a problem? Please describe.

In GE, we currently either watch all namespaces, or we watch the namespaces configured in the watchNamespaces configuration. This is a very static setup. In a development environment, where you might use a namespace per PR, a more dynamic way of configuring which namespaces are being watched would provide the required flexibility (otherwise the GE config would need to be constantly updated).

Note that we need to watch namespaces if we want to route to K8S services in Upstreams using EDS (i.e. using kube Kubernetes UpstreamSpec: https://docs.solo.io/gloo-edge/1.7.23/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/upstream.proto.sk/), as Gloo needs to be able to access the K8S endpoints in those namespaces.

Describe the solution you'd like

Use K8S label selectors and labels on namespaces to dynamically add namespaces to GEs watchNamespaces.

Describe alternatives you've considered

Regex based namespace selectors.

Additional Context

No response

Related Issues:

┆Issue is synchronized with this Asana task by Unito
@DuncanDoyle DuncanDoyle added the Type: Enhancement New feature or request label Mar 26, 2024
@DuncanDoyle DuncanDoyle mentioned this issue Mar 27, 2024
Closed
@nrjpoddar
Copy link

@sam-heilbron to look at this issue for scope/estimation.

@htpvu htpvu added the Prioritized Indicating issue prioritized to be worked on in RFE stream label Jul 2, 2024
@yuval-k
Copy link
Contributor

yuval-k commented Aug 15, 2024

is this for tenancy? or for RBAC? i believe watch namespaces being a list allows us to use Roles instead of ClusterRoles

@davidjumani
Copy link
Contributor

This is for tenancy. If edge is installed with global.glooRbac.namespaced enabled, it uses Roles instead of ClusterRoles

@sam-heilbron
Copy link
Contributor

cc @davidjumani internal slack ref

@soloio-bot
Copy link

Zendesk ticket #3965 has been linked to this issue.

@davidjumani davidjumani mentioned this issue Aug 30, 2024
Closed
4 tasks
This was referenced Sep 3, 2024
Merged
Closed
This was referenced Sep 19, 2024
Merged
Merged
Merged
@davidjumani davidjumani mentioned this issue Sep 24, 2024
Merged
4 tasks
@davidjumani
Copy link
Contributor

This is in OSS v1.18.0-beta24 and v1.17.9
It will be in Enterprise v1.18.0-beta2 and v1.17.3 when released

@solo-changelog-bot solo-changelog-bot bot mentioned this issue Oct 1, 2024
Merged
4 tasks
@nfuden nfuden mentioned this issue Nov 14, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@davidjumani davidjumani

Labels
Area: API activities related to API Area: UI Area: Usability Area: UX Prioritized Indicating issue prioritized to be worked on in RFE stream release/1.17 release/1.18 Type: Enhancement New feature or request zendesk
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Remove redundant Discovery tests kgateway-dev/kgateway
8 participants
@yuval-k @DuncanDoyle @sam-heilbron @davidjumani @htpvu @nrjpoddar @soloio-bot @jswinner09