K8s: Tutor should not assume sole control on k8s namespace #1018
Comments
|
What command specifically is causing an issue? What are the logs? |
|
This is a good point. I manage a "sandbox" instance at work. This "sandbox" part means that users and courses are being wiped once in a while. The namespace itself and the cleanup |
|
Ah, sorry for not coming back earlier, I somehow missed the answer. Yes, it's the fact that the namespace being deleted while externally managed (ArgoCD in our case). ArgoCD allows us to provision k8s environments for projects (including the namespace, roles and so on), such that the user works within their assigned NS and permissions. A flag as suggested by @snglth would be perfect for our use case as well. |
|
Let's not add a new configuration setting without further consideration. There are alternatives:
|
Bug description
When creating a new environment, tutor will create the namespace automatically. More crucially, when deleting an environment, it will attempt to delete the namespace as well.
This is an issue if the namespace is externally created (in our case, basically the entire cluster except tutor is GitOps managed using ArgoCD), which is also creating the namespace including a few basic services (HashiCorp vault connection for secret store and so on). When tutor attempts to delete the NS, it conflicts with ArgoCD.
Again it might make sense to introduce an additional parameter to control the behaviour.
The text was updated successfully, but these errors were encountered: