Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Highly-Available Kubernetes Cluster Deployment
  • Improved Persistent Storage resiliency through the use of a new Default Storage Class Provisioner
  • Multi-site support using CNI reference integration
    • note: applications can take advantage of multi-site by using POD and/or Node (anti)affinity, taints/tolerations, labels per application

...

  • Integration of an Ingress Controller for Northbound access control and reduction of NodePorts
  • Network Policies (Deferred to El Alto - due to lack of available resources)
  • Transparent TLS enablement via Istio reference integration required Istio→AFF integration (de-prioritized by security subcommittee)

           Addressed to a degree with M3 Checkpoint item under Security - "Has the project committed to enabling transport level encryption on all interfaces and the option to turn it off?".

          With the ability to disable all embedded encryption mechanisms, allows for Service Providers to choose to use Istio or other similar technologies. 

Footprint Optimization

  • Database Consolidation (DBaaS)
    • single shared MariaDB-Galera instance (clients in Dublin: SO, SDNC)
      • includes removing mySQL from SDNC in favor of MariaDB-Galera
    • single shared Cassandra instance (clients in Dublin: AAI, SDC)
    • Portal on shared MariaDB-Galera and Cassandra being investigated (Stretch Goal - has not yet been communicated with Portal Team)
    • single shared Postgres instance (deferred to El Alto)

...

OOM does not provide any external APIs.

If they are modified, are they backwards compatible?

N/A

Interface naming (point to an example)

N/A

Reference to the interfaces.

N/A

What are the system limits?

Dependent on Helm and Kubernetes

Involved use cases, architectural capabilities or functional requirements.

...