Remove Hardcoded kube-system Namespace for ingress-uid ConfigMap #2874
Description
Description:
Currently, the Ingress Controller stores the ingress-uid ConfigMap in the kube-system namespace by default. This behavior is hardcoded, limiting deployment flexibility and namespace isolation.
To align with best practices and enhance controller deployment flexibility, the namespace for ingress-uid should be configurable based on the namespace where the controller is running or explicitly provided via a flag (e.g., --ingress-configmap-namespace).
Current Behavior:
ingress-uidConfigMap is always created in thekube-systemnamespace, even if the controller is running in a different namespace.
Expected Behavior:
- The
ingress-uidConfigMap should be created in the namespace where the controller is running. - Alternatively, provide a flag such as
--ingress-configmap-namespaceto override the namespace. - If not specified, the controller's own namespace should be the default.
Proposed Solution:
-
Introduce a flag:
--ingress-configmap-namespace=<namespace>
-
Fallback logic:
- If the flag is not set, default to the controller's namespace (
POD_NAMESPACE). - If that is not set, fallback to
kube-system.
- If the flag is not set, default to the controller's namespace (
-
Controller logic change (I'm assuming, It's doing something like):
Replace hardcoded namespace in:client.CoreV1().ConfigMaps("kube-system").Create(...)
With:
namespace := os.Getenv("POD_NAMESPACE") if namespace == "" { namespace = "kube-system" } client.CoreV1().ConfigMaps(namespace).Create(...)
Impact:
- Enhanced flexibility for running the controller in different namespaces.
- Better alignment with namespace isolation and multi-tenant Kubernetes clusters.