-
Notifications
You must be signed in to change notification settings - Fork 198
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
protect clusternet auto-generated resources don't be deleted #675
Comments
IMO this is feasible by granting appropriate RBAC rules. |
We encountered a problem, the HelmRelease and Description resources were recreated, which caused the Helm Chart on our child cluster to be uninstalled, but the corresponding Base resources did not change. Do you have any suggestions for this situation?
|
These resources were not artificially removed |
How come? In Clusternet controllers, these objects will not be recreated, but only be updated or deleted. |
Under normal circumstances, the creation time of Base, Description, and HelmRelease should be the same, but in our environment, it is obvious that Description and HelmRelease were deleted at a certain point in time |
What kind of scene can trigger the controller to delete all Descriptions? |
When a |
The truth is, the subscription is not deleted |
These intermediate resources may be accidentally deleted by some unaware administrator users. We have added a deletion protection mechanism to better protect applications in sub-clusters from being deleted. @dixudx RBAC rules cannot restrict admin users. |
What would you like to be added:
Prevent users from deleting intermediate resources created by clusternet
When deploying an application from a hub cluster, clusternet will automatically generate some intermediate resources, such as base, description, and helmrelease, and we do not want users to delete these resources directly.
Users only need to pay attention to the resources they create, such as manifest, helmchart, and subscription.
Why is this needed:
If the user deletes these intermediate resources, the application will be recreated in the sub-cluster, which is destructive for some applications.
The text was updated successfully, but these errors were encountered: