Thanks a lot! I'm subscribing to it already. -- Mateus Caruccio / Master of Puppets GetupCloud.com - Eliminamos a Gravidade
On Thu, Mar 3, 2016 at 12:43 PM, Derek Carr <[email protected]> wrote: > I opened https://github.com/kubernetes/kubernetes/issues/22438 to discuss > the topic upstream. > > Feel free to comment with your support or more details on your use case if > needed. > > Thanks, > Derek > > On Wed, Mar 2, 2016 at 8:11 PM, Mateus Caruccio < > [email protected]> wrote: > >> I guess annotation would be better suitable for oc and other clients to >> issue queries, doesn't it? >> According to kubernets docs [1] it was designed for cases like this. >> >> [1] >> https://github.com/kubernetes/kubernetes/blob/master/docs/user-guide/annotations.md >> Em 02/03/2016 21:59, "Derek Carr" <[email protected]> escreveu: >> >>> Right... So you really need an immutable field in metadata or something >>> similar, or an annotation field that is overridden on every create/update >>> during admission. >>> >>> On Wednesday, March 2, 2016, Mateus Caruccio < >>> [email protected]> wrote: >>> >>>> Hi Derek. >>>> I'm building a billing backend based on container and pvc usage. >>>> The system is going to track any interesting activity (create and >>>> delete) by watching the corresponding endpoints and store it in a document >>>> database (mongodb or similar). >>>> One important point is that users should not be able to tamper this >>>> identifier, i.e. "oc edit pod/somepod". >>>> >>>> -- >>>> Mateus Caruccio / Master of Puppets >>>> GetupCloud.com - Eliminamos a Gravidade >>>> >>>> On Wed, Mar 2, 2016 at 9:27 PM, Derek Carr <[email protected]> wrote: >>>> >>>>> This is not a bad idea to do in admission control as part of the >>>>> namespace existence check. >>>>> >>>>> Can you elaborate a little more what you are trying to build around >>>>> the feature to see if there is anything else that would be required? I am >>>>> not sure it should be an annotation versus a field in metadata, i.e. >>>>> metadata.namespaceUid or something similar. >>>>> >>>>> Thanks, >>>>> >>>>> On Wednesday, March 2, 2016, Mateus Caruccio < >>>>> [email protected]> wrote: >>>>> >>>>>> Is there any way to tie resources (pod, pvc, secrets, bc, etc) to >>>>>> it's belonging namespace without looking for namespace's lifetime? >>>>>> >>>>>> Today I can do it by watching and recording the create and delete >>>>>> events for a namespace, then associate any resources to that namespace, >>>>>> but >>>>>> it doesn't seams to be the best approach. Namespaces can be destroyed and >>>>>> recreated by a different user with same name. >>>>>> >>>>>> I'm looking for something like automatically adding an annotation >>>>>> containing namespace's uid to all resources created inside it (some sort >>>>>> of >>>>>> primary key), as soon as the resource is created. >>>>>> >>>>>> >>>>>> -- >>>>>> Mateus Caruccio / Master of Puppets >>>>>> GetupCloud.com - Eliminamos a Gravidade >>>>>> >>>>> >>>> >
_______________________________________________ dev mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
