Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Explain why to use priorityClassName: system-cluster-critical in production #1444

Merged
merged 2 commits into from
Mar 15, 2024
Merged

Explain why to use priorityClassName: system-cluster-critical in production #1444

merged 2 commits into from
Mar 15, 2024

Conversation

wallrj
Copy link
Member

@wallrj wallrj commented Mar 12, 2024
edited
Loading

Preview: https://deploy-preview-1444--cert-manager-website.netlify.app/docs/installation/best-practice/#priority-class-name

I've done some research into the use-cases for setting priorityClassName and what priority class to use.
I think cert-manager should use the built in priority class system-cluster-critical,
and I've tried to justify that in the document.

It turns out that if you want to use that built in priority class, you (always?) also have to create a ResourceQuota resource, and I've tried to explain that too.

@hawksight interested to know what you think about this new recommendation.

Links:

@jetstack-bot jetstack-bot added dco-signoff: yes Indicates that all commits in the pull request have the valid DCO sign-off message. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Mar 12, 2024
@wallrj wallrj requested a review from hawksight March 12, 2024 19:46
@netlify Netlify
Copy link

netlify bot commented Mar 12, 2024
edited
Loading

Deploy Preview for cert-manager-website ready!

Name Link
🔨 Latest commit 22da1ab
🔍 Latest deploy log https://app.netlify.com/sites/cert-manager-website/deploys/65f465fd80b8a40008df2ced
😎 Deploy Preview https://deploy-preview-1444--cert-manager-website.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

@wallrj wallrj force-pushed the explain-how-to-use-priorityclassname branch from 72fd9ba to ed65537 Compare March 12, 2024 19:54
This was referenced Mar 13, 2024
Merged
Merged
Closed
Open
Merged
Merged
hawksight
hawksight approved these changes Mar 15, 2024
View reviewed changes
Copy link
Member

@hawksight hawksight left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@wallrj thank you for all the detailed explanation.

I think that I agree based on your research. Assuming Certificate or CertificateRequest resources need to validated (which needs the webhook component running), then the cert-manager components are now system critical.

The recommendations here look good, although I have not actually implemented them in a cluster to validate.

@hawksight
Copy link
Member

/lgtm

@jetstack-bot jetstack-bot added the lgtm Indicates that a PR is ready to be merged. label Mar 15, 2024
@hawksight
Copy link
Member

/approve

@jetstack-bot jetstack-bot added size/M Denotes a PR that changes 30-99 lines, ignoring generated files. and removed lgtm Indicates that a PR is ready to be merged. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Mar 15, 2024
@wallrj wallrj force-pushed the explain-how-to-use-priorityclassname branch from 76b9a30 to 22da1ab Compare March 15, 2024 15:15
@wallrj wallrj requested a review from hawksight March 15, 2024 15:21
hawksight
hawksight approved these changes Mar 15, 2024
View reviewed changes
Copy link
Member

@hawksight hawksight left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm
/approve

It is easier to read and more suggestive in this manner. Thanks @wallrj.
@aidy how does the revised content read to you?

@jetstack-bot jetstack-bot added the lgtm Indicates that a PR is ready to be merged. label Mar 15, 2024
@wallrj
Copy link
Member Author

wallrj commented Mar 15, 2024

/approve

@jetstack-bot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: hawksight, wallrj

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@jetstack-bot jetstack-bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Mar 15, 2024
@jetstack-bot jetstack-bot merged commit 44e4381 into cert-manager:master Mar 15, 2024
8 checks passed
@wallrj wallrj deleted the explain-how-to-use-priorityclassname branch March 15, 2024 16:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hawksight hawksight hawksight approved these changes

Assignees
No one assigned
Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. dco-signoff: yes Indicates that all commits in the pull request have the valid DCO sign-off message. lgtm Indicates that a PR is ready to be merged. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@wallrj @hawksight @jetstack-bot