Project goals
These are desired project goals which drive the design invariants stated below. Goals and scope may vary as the project evolves.
- Provide an API to express intent to create OpenShift Container Platform (OCP) clusters with a hosted control plane topology on existing infrastructure.
- Decouple control and data plane.
- Enable segregation of ownership and responsibility for different personas.
- Security.
- Cost efficiency.
Design invariants
- Communication between management cluster and a hosted cluster is unidirectional. A hosted cluster has no awareness of a management cluster.
- Communication between management cluster and a hosted cluster is only allowed from within each particular control plane namespace.
- Compute worker Nodes should not run anything beyond user workloads.
- A hosted cluster should not expose CRDs, CRs or Pods that enable users to manipulate HyperShift owned features.
- HyperShift components should not own or manage user infrastructure platform credentials.