Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enable Connections and Policies to be configured by ConfigMaps #2058

Open
mladBlum opened this issue Nov 6, 2024 · 1 comment
Open

Enable Connections and Policies to be configured by ConfigMaps #2058

mladBlum opened this issue Nov 6, 2024 · 1 comment
Labels
community-interest Issues which were explicitly asked for by the Ditto community. help wanted

Comments

@mladBlum
Copy link
Contributor

mladBlum commented Nov 6, 2024

Setting up Eclipse Ditto fully automatically in a Kubernetes cluster using Helm is incredibly practical. However, to achieve a truly automated setup, there are some missing configuration options, Connections and Policies.

Currently, after successfully setting up Ditto, Connections and Policies need to be configured via API call. This requires an extra tool that monitors Ditto and executes the necessary API calls after Ditto has started.
Enabling the configuration of Connections and Policies within ConfigMaps would significantly simplify the deployment. Ditto could automatically read these resources and configure itself accordingly upon startup. This approach aligns with Kubernetes best practices and would streamline the deployment process.

I’m not on the development team, but here are a few thoughts. To implement such a feature, Ditto could be enhanced to process configurations provided by files in a designated folder, where ConfigMaps would be mounted.
This feature is probably also a benefit for classic server installations as well, allowing server administrators to pass the entire configuration at startup.

@thjaeckle
Copy link
Member

Sure, that could be an additional way of configuring policies and connections.
This however has the downside that a restart of the pod is required to react on updated configmaps / files.
Maybe a file (e.g. via inode) watch would also work to apply config changes without restart.

The benefit of the current approach is that policies/connections can be dynamically added, adjusted, etc. - without any impact to all other policies/connections.
In my company's setup, we make use of a terraform-provider-restapi in order to manage policies and connection. Terraform (or Terragrunt in our case) "checks" the resources via Ditto's HTTP API and updates them in-place (if necessary), creates or deletes them, if needed.

If you want to contribute that in a way which does not destroy the current dynamic way, we surely will accept the contribution.
For our companies use-case I don't see much value, as we use connections and policies very dynamically - they are often changed, new ones come, old ones go, etc.

@thjaeckle thjaeckle added help wanted community-interest Issues which were explicitly asked for by the Ditto community. labels Nov 15, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
community-interest Issues which were explicitly asked for by the Ditto community. help wanted
Projects
None yet
Development

No branches or pull requests

2 participants