Skip to content

RFC: CRD v1beta1 Optimization and Configuration Extraction#23

Open
JAORMX wants to merge 4 commits intomainfrom
rfc/crd-v1beta1-optimization
Open

RFC: CRD v1beta1 Optimization and Configuration Extraction#23
JAORMX wants to merge 4 commits intomainfrom
rfc/crd-v1beta1-optimization

Conversation

@JAORMX
Copy link
Contributor

@JAORMX JAORMX commented Jan 14, 2026

Summary

This RFC proposes architectural improvements to ToolHive's Kubernetes CRDs for the v1beta1 release.

Key Changes

New Configuration CRDs:

  • MCPOIDCConfig - Shared OIDC authentication config
  • MCPTelemetryConfig - Shared OpenTelemetry/Prometheus config
  • MCPAuthzConfig - Shared Cedar authorization policies
  • MCPAggregationToolConfig - Per-workload tool filtering for VirtualMCPServer

Structural Improvements:

  • Remove VirtualMCPServer's embedded Config field (CRD-first approach)
  • Replace type discriminators with CEL-validated unions
  • Remove deprecated fields (port, targetPort, toolsFilter)
  • Consolidate MCPRegistry status to single phase + conditions

Quality of Life:

  • Add printer columns for better kubectl get output
  • Introduce common LocalObjectReference type

Implementation Phases

  1. Phase 1: Define all v1beta1 API types with CEL validation
  2. Phase 2: Implement controllers (parallelizable)
  3. Phase 3: Testing, migration tooling (skill + agent), release

Related RFCs

  • THV-0001 (OpenTelemetry) - MCPTelemetryConfig builds on this
  • THV-0014 (vMCP K8s-Aware) - VirtualMCPServer changes align with this

Breaking Change

This is a breaking change from v1alpha1. Migration tooling will be provided.

🤖 Generated with Claude Code

jhrozek
jhrozek reviewed Jan 15, 2026
View reviewed changes
Copy link
Contributor

@jhrozek jhrozek left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added a bunch of comments related to the shared CRDs. I'm not sure if this proposal is not pulling in this opposite direction as @jerm-dro has been working in the vMCP config space.

JAORMX and others added 3 commits January 16, 2026 10:30
@JAORMX @claude
Add RFC for CRD v1beta1 optimization and configuration extraction
87da07c 
This RFC proposes architectural improvements to ToolHive's Kubernetes CRDs:

- Extract shared config into reusable CRDs (MCPOIDCConfig, MCPTelemetryConfig,
  MCPAuthzConfig, MCPAggregationToolConfig)
- Remove VirtualMCPServer's embedded Config field
- Replace type discriminators with CEL-validated unions
- Remove deprecated fields
- Consolidate MCPRegistry status

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@JAORMX @claude
Rename RFC to THV-0023 to match PR number
8450d73 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@JAORMX @claude
Address PR review feedback for CRD v1beta1 RFC
227f01e 
- Remove VirtualMCPServer Config embedding sections (deferred to follow-up PR)
- Split OIDC config into shareable (issuer, jwksUri, claims) vs per-server (audience, scopes)
- Split Telemetry config into shareable (endpoint, settings) vs per-server (serviceName)
- Add namespace to all config references
- Add status size discussion to Open Questions
- Clean up Go implementation details, keep architecture-focused content
- Update reference types to show per-server override patterns

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@JAORMX JAORMX force-pushed the rfc/crd-v1beta1-optimization branch from e3f65ad to 227f01e Compare January 16, 2026 08:59
@jhrozek
Copy link
Contributor

jhrozek commented Jan 19, 2026

LGTM now. I won't ack in case Jeremy adds his comments later so that the proposal doesn't get accidentally merged, but feel free to ping me once you need me to hit the approve button.

@jerm-dro jerm-dro mentioned this pull request Jan 23, 2026
Merged
5 tasks
@jerm-dro
RFC-0023: Add CRD and application config unification section (#27)
5f04688 
* RFC-0023: Add CRD and application config unification section

Add a new section addressing how CRD spec types relate to application
config structures, motivated by Issue #3125.

Key additions:
- Problem statement covering configuration pipeline complexity, silent
  bugs from translation layers, documentation divergence, and testing
  limitations
- Options comparison table contrasting separate vs unified types
- Proposal recommending new CRDs use the same types as application
  configs, with VirtualMCPServer and MCPTelemetryConfig as examples
- Trade-offs discussion including mitigation strategies for
  Kubernetes-specific reference fields

Updated for consistency:
- Added #3125 to Related Issues
- Added unified types goal to Goals section
- Updated Summary to mention unified CRD/config types
- Updated Implementation Plan to reflect unified types approach

Signed-off-by: Jeremy Drouillard <jeremy@stacklok.com>

* remove outdated section

Signed-off-by: Jeremy Drouillard <jeremy@stacklok.com>

* clarify example

Signed-off-by: Jeremy Drouillard <jeremy@stacklok.com>

---------

Signed-off-by: Jeremy Drouillard <jeremy@stacklok.com>
@ChrisJBurns ChrisJBurns self-requested a review February 10, 2026 18:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jhrozek jhrozek jhrozek left review comments

@jerm-dro jerm-dro jerm-dro left review comments

@ChrisJBurns ChrisJBurns Awaiting requested review from ChrisJBurns

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@JAORMX @jhrozek @jerm-dro