Overview of Provisioning Clusters
What is self-service cluster provisioning?
Self-service cluster provisioning enables developers and other users to independently set up and configure Wayfinder-managed Kubernetes clusters without direct intervention from administrators.
The specifications for these clusters include all necessary components such as cluster configuration, networking, bootstrapped packages, and compute templates, which detail the scale and type of virtual machines (node instances) required. These templates offer an optimal starting configuration that users can quickly deploy and customise as needed.
Once the self-service cluster provisioning specifications are defined, they can be used to create the cluster either directly through tools like Wayfinder's Command Line Interface (CLI) or User Interface (UI), or indirectly through automated Continuous Integration (CI) pipelines. This self-service model enhances flexibility, speed, and efficiency, empowering users to set up clusters tailored to their specific requirements.
Only administrators can create cloud access, cluster plans, cluster network plans, and compute templates. However, the cluster provisioning process can be initiated by administrators, workspace owners, or members.
How do self-service cluster provisioning fit in with the rest of Wayfinder?
Self-service cluster provisioning are part of Wayfinder's broader process flow for creating Wayfinder-managed Kubernetes clusters as part of the developer self-service process. Below is a brief overview of the different process flow parts in Wayfinder that are used to create the cluster provisioning specification.
Self-Service Cluster Creation Process
Administrators, workspace owners, or members initiate the self-service cluster creation process by specifying the cluster's provisioning specifications. These specifications can be used to provision the cluster directly via Wayfinder's CLI or User Interface, or indirectly through your CI pipeline.
Creating a Self-Service Cluster Provisioning Specification
Creating a cluster provisioning specification involves:
- Specifying a Cloud Access: This specification enables Wayfinder to access the cloud provider with the necessary permissions to manage and provision clusters.
- Specifying a Cluster Plan: A cluster plan includes:
- Cluster Network Plan: Outlines the network specification for cluster provisioning.
- Wayfinder Packages (Optional): Outlines the specification for each software/service that you want to use for bootstrapping the cluster during provisioning.
- Compute Templates (Optional): Pre-defined specifications for various compute instance (node pool) configurations, such as high-performance or low-cost options, to accelerate cluster creation in workspaces.
- Provisioning Policies: Enforces limits on self-service clusters such as cost restrictions, regions or permitted instance types.
Configuring Additional Policies
Cluster Access Policies and Cluster Policies are key to managing security, compliance, and access control within Wayfinder-managed clusters. Although these policies are not part of the self-service provisioning process itself, they are fully visible and configurable by administrators, enabling tailored management of permissions and governance as part of your overall cluster management strategy.
- Cluster Policies (Optional): Uses Kyverno to define and enforce security and compliance rules for cluster management and control.
- Cluster Access Policies: Grants users the right to gain short-lived access to a cluster themselves, or to assign permanent access to an access token.
This section focuses on self-service cluster provisioning specification.