-
Notifications
You must be signed in to change notification settings - Fork 674
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Docs: Clarify how networking between data plane propeller and control plane data catalog can be configured in multi-cluster deployment #5345
Conversation
… data catalog can be configured Signed-off-by: Fabio Grätz <[email protected]>
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #5345 +/- ##
==========================================
- Coverage 61.10% 61.10% -0.01%
==========================================
Files 794 794
Lines 51213 51213
==========================================
- Hits 31295 31294 -1
- Misses 17037 17038 +1
Partials 2881 2881
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
in the control plane cluster can for instance be made available to the ``flytepropeller`` services in the data plane | ||
clusters with an internal load balancer service (see e.g. `GKE documentation <https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing#create>`_ | ||
or `AWS Load Balancer Controller <https://kubernetes-sigs.github.io/aws-load-balancer-controller/latest/guide/service/nlb/>`_). | ||
if the clusters use the same VPC network. | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Happy to modify the formulation.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this looks good to me.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks OK to me docs-wise -- @davidmirror-ops would also appreciate your input here
not exposed via the ingress by default and does not have its own authentication mechanism. The ``catalog`` service | ||
in the control plane cluster can for instance be made available to the ``flytepropeller`` services in the data plane | ||
clusters with an internal load balancer service (see e.g. `GKE documentation <https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing#create>`_ | ||
or `AWS Load Balancer Controller <https://kubernetes-sigs.github.io/aws-load-balancer-controller/latest/guide/service/nlb/>`_). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
or `AWS Load Balancer Controller <https://kubernetes-sigs.github.io/aws-load-balancer-controller/latest/guide/service/nlb/>`_). | |
or `AWS Load Balancer Controller <https://kubernetes-sigs.github.io/aws-load-balancer-controller/latest/guide/service/nlb/>`_) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The last phrase is rendering slightly wrong in github but it'll be fine once picked up by sphinx.
in the control plane cluster can for instance be made available to the ``flytepropeller`` services in the data plane | ||
clusters with an internal load balancer service (see e.g. `GKE documentation <https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing#create>`_ | ||
or `AWS Load Balancer Controller <https://kubernetes-sigs.github.io/aws-load-balancer-controller/latest/guide/service/nlb/>`_). | ||
if the clusters use the same VPC network. | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this looks good to me.
… data catalog can be configured (flyteorg#5345) Signed-off-by: Fabio Grätz <[email protected]> Co-authored-by: Fabio Grätz <[email protected]>
Why are the changes needed?
The multi-cluster deployment documentation is slightly ambiguous on how the networking between the data plane cluster flytepropeller service and control plane cluster datacatalog service works, suggesting that datacatalog was exposed via the ingress.
I clarify that the user would need to expose datacatalog themselves and that datacatalog does not have its own auth mechanism. I also suggest to use a VPC-internal load balancer service for this purpose instead.