Add the "client-secure" Pod to the Helm chart?
roy-work opened this issue · comments
Is your feature request related to a problem? Please describe.
It would be nice to have an easy way to connect to the CRDB cluster in a Kubernetes cluster.
Describe the solution you'd like
The docs even note this as a thing you might want to do, and link you to the almost ready-made example of how to create a pod to do that: https://github.com/cockroachdb/cockroach/blob/master/cloud/kubernetes/client-secure.yaml
Can that just make its way into the Helm chart? (It would be fine, and perhaps preferable, if that was being a values.yaml
flag to enable/disable it, too.)
I'd also switch this from a raw Pod
(which isn't recommended, and has various downsides) to a Deployment
¹ with replicas: 1
. sleep
(at least the one that is in GNU coreutils) can be invoked as sleep infinity
, and dumb-init
will all the pod to shutdown gracefully; a minimal "do nothing" pod is dumb-init -- sleep infinity
, and then you don't need the terminationGradePeriod
directive.
Describe alternatives you've considered
The status quo, of having it as an example:
- Since one already is using the Helm chart, it's harder to pull in than just "enable this flag".
- Orgs like mine want to vendor upstream software, and other orgs want to understand when & where 3rd-party code is. Random files like this — where I pull in this file, make a bunch of changes — make that very muddy, and don't integrate well with existing processes. But we have a process to vendor a Helm chart: so it if just gets packaged with that, then 🚀
Additional context
¹This does have the downside of making the pod name ugly. A StatefulSet
would make the pod name nicer, unless there's some magic way with a Deployment
to do nice names that I don't know about.
Jira issue: CRDB-36686
Hello, I am Blathers. I am here to help you get the issue triaged.
I was unable to automatically find someone to ping.
If we have not gotten back to your issue within a few business days, you can try the following:
- Join our community slack channel and ask on #cockroachdb.
- Try find someone from here if you know they worked closely on the area and CC them.
🦉 Hoot! I am a Blathers, a bot for CockroachDB. My owner is dev-inf.