Hide Forgot
1. What is the nature and description of the request? As a user of OCP v3 So that I can deploy a hosted origin system, and so that the system can serve multiple "customer" users, but not limited to the features and capabilities of the platform: We want a new feature: "Automatically apply multiproject quotas to users". This feature could enable the automatical adding of a ClusterResourceQuota at every new user creation. (as the users are created by Openshift when they login the system for instance) This feature should be activated or disabled in a config file (master config file for instance), so that Openshift administrator can decide to use it or not. If activated, the feature should enable the admin : - to allocate a ClusterResourceQuota by default to all the users that are in the platform, or that will be created later. For instance, every final user would have by default a ClusterResourceQuota named "user-name-DefaultClusterResourceQuota ". In this "user-name-DefaultClusterResourceQuota ", will be specified the quotas values defined in a template "DefaultClusterResourceQuota" (that the admin could modify) and also the "annotation: openshift.io/requester: <user-name>" - to allocate some other ClusterResourceQuota to other users that are labelled with specifc values for instance, if a user has a label: clusterresourcequotalevel=medium, then a ClusterResourceQuota would be created for this user (user-name-MediumClusterResourceQuota), with the values defined in the template "MediumClusterResourceQuota" and also the "annotation: openshift.io/requester: <user-name>" It looks important that a new ClusterResourceQuota object should be created for every user, and not to use a ClusterResourceQuota including a large list of users (knowing that every user can own several projects), as it is mentioned in the 3.3 documentation that : "Due to the locking consideration when claiming quota allocations, the number of active projects selected by a multi-project quota is an important consideration. Selecting more than 100 projects under a single multi-project quota may have detrimental effects on API server responsiveness in those projects." But there may be another way to avoid this. 2. Why does the customer need this? (List the business requirements here) It is important to us that the final users are able to create only one project or several projects (1 for dev, 1 for test, 1 for pre-production, 1 for production,...) to fit their needs. But as an openshift administrator, we also want to control the global resources that a final user can consume. Today, we need a way to automate this global quota enforcement, and avoid the limitation regarding the number of active projects in a multi-project quota. 3. How would the customer like to achieve this? (List the functional requirements here) - activate/disable the feature in the master config file - define clusterquota templates and associate them with user labels in the master config file - if feature activated, Openshift automatically create a clusterresourcequota for every user, based on the label assigned to user and the clusterresourcequota template associated
I have opened a corresponding trello card to provide an example, but the most likely outcome is a recommendation to implement this sort of logic using oc observe.
This bug has been identified as a dated (created more than 3 months ago) bug. This bug has been triaged (has a trello card linked to it), or reviewed by Engineering/PM and has been put into the product backlog, however this bug has not been slated for a currently planned release (3.9, 3.10 or 3.11), which cover our releases for the rest of the calendar year. As a result of this bugs age, state on the current roadmap and PM Score (being below 70), this bug is being Closed - Differed, as it is currently not part of the products immediate priorities. Please see: https://docs.google.com/document/d/1zdqF4rB3ea8GmVIZ7qWCVYUaQ7-EexUrQEF0MTwdDkw/edit for more details.