Skip to content

IDEA: how to run multiple shoot monitor managers #82

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
vknabel wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

IDEA: how to run multiple shoot monitor managers #82

vknabel wants to merge 1 commit into from
+119 −2

Conversation

@vknabel
Copy link
Contributor

@vknabel vknabel commented Jan 19, 2026

Description

We plan on running one FCM to reconcile multiple namespaces #66

But to fully support our current feature set, we would be required to also observe the firewall monitors in dynamically allocated clusters. Setting one single kubeconfig via CLI flags does not cut it here.

Instead we would require FirewallDeployments to have a new (Shoot-)Kubeconfig-SecretRef. For every FirewallDeployment would then watch that secret to create a new Monitor Controller Manager.

These Monitor Controller Managers would need to be managed within the FCM.
Whenever:

  • a new Firewall Deployment is being reconciled, a Monitor CM will be created
  • a Firewall Deployment is gone, the Monitor will be stopped
  • a Kubeconfig Secret (Ref) is gone, the Monitor will be stopped

The code of this PR currently only shows how we could approach the lifecycle of these monitor managers

@vknabel vknabel added area: cluster-api Affects the cluster-api area. area: gardener Affects the gardener area. keep branch Don't delete this branch, e.g. for future reference or when used in a deployment labels Jan 19, 2026
@vknabel vknabel force-pushed the multiple-shoot-monitor-managers branch from 92a0617 to fa9fae1 Compare January 19, 2026 11:03
vknabel
vknabel commented Jan 19, 2026
View reviewed changes
controllers/monitor/manager-state.go
}
}

type MonitorManagerScheduler struct {
Copy link
Contributor Author

@vknabel vknabel Jan 19, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Naming and module still to debate.

vknabel
vknabel commented Jan 19, 2026
View reviewed changes
controllers/monitor/manager-state.go
ref := deploymentRefTo(deploy)
log := m.log.WithValues("namespace", ref.namespace, "name", ref.name)

shootConfig, err := m.cc.ShootAccessHelper.RESTConfig(ctx) // TODO: adjust to fetch the kubeconfig
Copy link
Contributor Author

@vknabel vknabel Jan 19, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

TODO: adjust to fetch the kubeconfig

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

area: cluster-api Affects the cluster-api area. area: gardener Affects the gardener area. keep branch Don't delete this branch, e.g. for future reference or when used in a deployment

Projects

Development
Status: No status

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@vknabel