Add external k8s cluster usecase #4
Conversation
gcp/environment/README.md
Outdated
| @@ -0,0 +1,26 @@ | |||
| # GCP Environment Workflow | |||
|
|
|||
| This workflow provisions and configures a complete GCP-based Kubernetes environment using the `koreo.dev` workflow engine and custom `ResourceFunction` and `ValueFunction` modules. | |||
There was a problem hiding this comment.
This doesn't actually create a GKE cluster though, just the network environment needed for one, so this description is a bit misleading I think.
There was a problem hiding this comment.
ope, good catch, that is leftover from when I split it out
gcp/environment/subnet.k.yaml
Outdated
| - rangeName: servicesrange | ||
| ipCidrRange: 10.11.0.0/16 | ||
| - rangeName: clusterrange | ||
| ipCidrRange: 10.12.0.0/16 |
There was a problem hiding this comment.
Should the secondary ranges be made inputs as well?
gcp/federated-gke/README.md
Outdated
| @@ -0,0 +1,143 @@ | |||
| # Federated GKE Workflow | |||
|
|
|||
| This workflow provisions and configures a complete GCP-based Kubernetes environment using the `koreo.dev` workflow engine and custom `ResourceFunction` and `ValueFunction` modules. | |||
There was a problem hiding this comment.
This description should probably mention what we mean by "federated" here, i.e. it sets up a GKE cluster that Koreo itself can manage resources within from a remote cluster.
gcp/federated-gke/README.md
Outdated
| - Each resource function should be implemented to create or reconcile its respective GCP or K8s object. | ||
| - The `metadata` step centralizes naming and labeling to ensure consistent tagging and traceability. | ||
|
|
||
| ### Notes |
There was a problem hiding this comment.
Can we just combine the two notes sections?
|
|
||
| ### Notes | ||
| - Ensure Koreo service account has permissions to edit IAM policy | ||
| - I made it owner of the account, but this could be restricted I am sure. |
There was a problem hiding this comment.
Or did you intend to clean these notes up to be more consumable?
|
|
||
| for pod in pykube.Pod.objects(api).filter(namespace="kube-system"): | ||
| print(pod.name) | ||
| ``` |
There was a problem hiding this comment.
Are you planning to open source the sidecar you wrote that does this?
| name: federatedgke.example.koreo.dev | ||
| spec: | ||
| scope: Namespaced | ||
| group: acme.example.com |
There was a problem hiding this comment.
I think you changed this to example.koreo.dev in the other example?
| @@ -0,0 +1,9 @@ | |||
| --- | |||
| apiVersion: example.koreo.dev/v1 | |||
No description provided.