Verify the varnish cluster has to be installed in the same namespace as the backends

Question

Verify the varnish cluster has to be installed in the same namespace as the backends

cin opened this issue 3 years ago · 3 comments

Goes back to a slack discussion here. If it's not supported, should we support it? Pros/cons?

Answer 1 · 2022-01-20T12:24:37.000Z

Yeah, it's not supported, only within one namespace. Don't see reasons to not support it either. Looks like a nice addition.

Answer 2 · 2022-04-14T16:43:36.000Z

It will need some refactoring since we use a Service (and Endpoints) resource to discover the pods. We will either need to create the service in different namespace (which lead to the need to manually cleanup old services on reconfiguration) or query pods directly.
Querying pods also need to be handled with care since we'll have to watch for ALL pods in the cluster to detect new backend pods. Which also means we'll have to filter out not relevant pods and pod changes.
And we'll need more cluster role privileges to be able to query resources (pods or endpoints, depending on decision) to be able get resources from all namespaces.
Not sure which approach is better at first glance.

Answer 3 · 2022-04-19T01:10:02.000Z

@tomashibm, @cin and I talked about this. we think the first step should be verification that the operator can resolve the backends (so, first same namespace with verification), then being able to do a cross-namespace layout. it's a legitimate ask to have varnish in one namespace and service (or services) in others. We should support one-to-one and one to many varnish cluster to service[s] layout cross-namespace in the end.