...
- Slice the tenant with the cluster "--context"
- [Kural]
- Tenant creation from the ONAP4K8s should be shared down to the cluster in the edge location
- Tenant should have kubeconfig context a slice of his their namespace alone
- [Kural]
- How to connect the istio Citadel certificates with Tenant? how to authenticate from the centralised location from onap4k8s to multi-cluster location?
- [Kural]
- Discuss so far with Istio folks and expertise, suggested that citadel certificate are bonded to namespace and specific for the application level. They are not targeted for the K8s Users
- For the k8s user, the certificates should be generated by the external entity and bind to the service account and the tenant as shown in the example - https://docs.bitnami.com/kubernetes/how-to/configure-rbac-in-your-kubernetes-cluster/
- [Kural]
- Tenant user bind to the certificates created from Citadel?
- [kural ]
- Initial Pathfinding show that Citadel may not be the right candidate for the K8s User certificate creation
- [kural ]
- How the cluster labels are configured in ONAP? how the MC tenant controller can identify them?
- [ kural ]
- Adding KUD and ONAP folks here Srinivasa Addepalli Akhila Kishore @Ritu @Kiran Itohan Ukponmwan Enyinna Ochulor
- Kubeconfig context should be passed from each KUD cluster to the ONAP
- KUD should invoke NFD immediately and enable the overall labels. And add those labels to cluster details and send back to the ONAP
- Cluster feature Discovery controller should be there in each Edge location cluster along with KUD, Run for each interval along with the NFD
- [ kural ]
...