From a68d058036208727f1f103bd6325d045051ada67 Mon Sep 17 00:00:00 2001 From: Skye Gill Date: Tue, 21 Mar 2023 10:31:42 +0000 Subject: [PATCH] review suggestions Signed-off-by: Skye Gill --- OFEP-ofo-flagd-service.md | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/OFEP-ofo-flagd-service.md b/OFEP-ofo-flagd-service.md index 21b6be4..fee5c8f 100644 --- a/OFEP-ofo-flagd-service.md +++ b/OFEP-ofo-flagd-service.md @@ -11,4 +11,23 @@ The driving force behind this is to simplify the deployment of flagd for use by ## Proposal Introduce a FlagdService custom resource definition (CRD) and controller. -The controller uses the configuration defined within the custom resource (CR) to create a Service and a Deployment of flagd (backed by the Service). This is a common deployment pattern permitting access by any component that routes to the created Service (e.g. Ingress/Load Balancer). +The controller uses the configuration defined within the custom resource (CR) to create a Service and a Deployment of flagd (backed by the Service) in the configured namespace. This is a common deployment pattern permitting access by any component that routes to the created Service (e.g. Ingress/Load Balancer). OFO already manages the [sidecar deployment pattern](https://learn.microsoft.com/en-us/azure/architecture/patterns/sidecar) to achieve the goal of internally routable flagd. In contrast, the described FlagdService pattern permits externally routable flagd. + +### RBAC + +OFO already has RBAC to Deployments but not Services so the following is required. + +``` +- apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +```