1. Proposed title of this feature request Enforce node scheduling based on user or group membership 3. What is the nature and description of the request? Customer is running a centralized, multi-tenant oepnshift environment whereby each of their own customers has dedicated nodes within a specific dedicated subnet. It should be possible for users to self-provision projects and for these to be only scheduled within their dedicated nodes. As such, it would be useful to be able to specify default node selectors for a project based on a user or group. This is not currently possible when using identity providers other than LDAP, for which they have a workaround in place at the moment. 4. Why does the customer need this? (List the business requirements here) Currently, they are labeling customer nodes with e.g username=allowed for each of that customers users. Then. in the project request template, they add the annotaion for node-selector to be {PROJECT-REQUESTING-USER}=allowed. That way, even as a self-provisioned project, users will always schedule pods on the right nodes. While this works for LDAP, when using Azure Active Directory, the usernames contain "@" which is an invalid character for labelling nodes. Unless the customer restricts themselves to using LDAP, there's no good way for them to enable users to self-provision projects and guarantee that these will be scheduled on the correct nodes. In order to make their service more user friendly they would like to use different identity providers other than LDAP. 5. How would the customer like to achieve this? (List the functional requirements here) 6. For each functional requirement listed, specify how Red Hat and the customer can test to confirm the requirement is successfully implemented. 7. Is there already an existing RFE upstream or in Red Hat Bugzilla? No 10. List any affected packages or components. node
With the introduction of OpenShift 4, Red Hat has delivered or roadmapped a substantial number of features based on feedback by our customers. Many of the enhancements encompass specific RFEs which have been requested, or deliver a comparable solution to a customer problem, rendering an RFE redundant. This bz (RFE) has been identified as a feature request not yet planned or scheduled for an OpenShift release and is being closed. If this feature is still an active request that needs to be tracked, Red Hat Support can assist in filing a request in the new JIRA RFE system, as well as provide you with updates as the RFE progress within our planning processes. Please open a new support case: https://access.redhat.com/support/cases/#/case/new Opening a New Support Case: https://access.redhat.com/support/cases/#/case/new As the new Jira RFE system is not yet public, Red Hat Support can help answer your questions about your RFEs via the same support case system.