Restructure Tackle CRD for Better OpenShift Console Form Support
Problem
The current Tackle CRD uses x-kubernetes-preserve-unknown-fields: true with flat, snake_cased variables (e.g., feature_auth_required,
hub_container_limits_cpu, kai_llm_provider). This makes it difficult for the OpenShift console to generate a user-friendly form for configuring
Tackle instances.
Proposed Solution
Define a fully structured OpenAPI schema in the CRD with logical groupings that will enable the OpenShift console to display an organized, intuitive
form.
Proposed Structure
Below is an example Tackle CR using the proposed structured format:
apiVersion: tackle.konveyor.io/v1alpha1
kind: Tackle
metadata:
name: tackle
namespace: konveyor-tackle
spec:
# Feature toggles
features:
authRequired: true
authType: keycloak # keycloak, rhsso, rhbk
isolateNamespace: true
analysisArchiver: true
discovery: true
# Hub component configuration
hub:
image: quay.io/konveyor/tackle2-hub:latest
replicas: 1
logLevel: 3
metrics:
enabled: true
port: 2112
resources:
requests:
cpu: 500m
memory: 1Gi
limits:
cpu: "1"
memory: 2Gi
storage:
database:
size: 10Gi
# storageClass: my-storage-class
bucket:
size: 100Gi
accessMode: ReadWriteOnce
# storageClass: my-storage-class
tls:
enabled: false
# secretName: custom-tls-secret
# UI component configuration
ui:
image: quay.io/konveyor/tackle2-ui:latest
replicas: 1
resources:
requests:
cpu: 100m
memory: 350Mi
limits:
cpu: 500m
memory: 800Mi
ingress:
enabled: true
className: nginx
proxyBodySize: 500m
# pathType: Prefix
route:
enabled: true
tlsTermination: edge
insecureEdgeTerminationPolicy: Redirect
tls:
enabled: false
# Authentication configuration
auth:
# Common auth settings
adminUsername: admin
# Keycloak/SSO settings (when features.authType is keycloak)
keycloak:
image: quay.io/keycloak/keycloak:latest
replicas: 1
realm: tackle
clientId: tackle-ui
apiAudience: konveyor-api
requirePasswordUpdate: true
javaOpts: "-Dcom.redhat.fips=false"
resources:
requests:
cpu: 300m
memory: 600Mi
limits:
cpu: "1"
memory: 2Gi
database:
image: postgres:15
name: keycloak_db
version: "15"
resources:
requests:
cpu: 100m
memory: 350Mi
limits:
cpu: 500m
memory: 800Mi
storage:
size: 1Gi
tls:
enabled: false
# secretName: custom-tls-secret
# hostname: keycloak.example.com
# hostnameDynamic: false
# RHSSO settings (when features.authType is rhsso)
rhsso:
externalAccess: false
tls:
enabled: true
# RHBK settings (when features.authType is rhbk)
rhbk:
tls:
enabled: true
# Analysis components
analyzer:
image: quay.io/konveyor/addon-analyzer:latest
resources:
requests:
cpu: "1"
memory: 512Mi
limits:
cpu: "1"
memory: 1Gi
# Language providers
providers:
java:
image: quay.io/konveyor/provider-java:latest
resources:
requests:
cpu: "1"
memory: 2.5Gi
limits:
cpu: "1"
memory: 2.5Gi
csharp:
image: quay.io/konveyor/provider-csharp:latest
resources:
requests:
cpu: "1"
memory: 1Gi
limits:
cpu: "1"
memory: 1Gi
python:
image: quay.io/konveyor/provider-generic:latest
resources:
requests:
cpu: "1"
memory: 1Gi
limits:
cpu: "1"
memory: 1Gi
nodejs:
image: quay.io/konveyor/provider-generic:latest
resources:
requests:
cpu: "1"
memory: 1Gi
limits:
cpu: "1"
memory: 1Gi
# Discovery addon
discovery:
image: quay.io/konveyor/addon-discovery:latest
resources:
requests:
cpu: 500m
memory: 512Mi
limits:
cpu: 500m
memory: 512Mi
# Platform addon
platform:
image: quay.io/konveyor/addon-platform:latest
resources:
requests:
cpu: "1"
memory: 100Mi
limits:
cpu: "1"
memory: 512Mi
# Kai (AI/LLM) configuration
kai:
enabled: false
image: quay.io/konveyor/kai:latest
logLevel: info
enableDemoMode: false
enableTrace: true
# LLM configuration
llm:
model: gpt-4
provider: openai # openai, azure, google, bedrock, anthropic
baseUrl: https://api.openai.com/v1
temperature: 0.7
maxTokens: 2048
maxRetries: 3
# modelSpecificKwargs: {}
# LLM Proxy (optional)
proxy:
enabled: false
image: quay.io/lightspeed-core/lightspeed-stack:latest
# Kai database
database:
image: postgres:15
storage:
size: 5Gi
# Storage configuration
storage:
cache:
enabled: true
size: 100Gi
accessMode: ReadWriteMany
# storageClass: nfs
# Global storage class override
# storageClass: my-storage-class
# Network configuration
network:
# HTTP/HTTPS proxy settings
httpProxy: ""
httpsProxy: ""
noProxy: ""
# OAuth proxy (for OpenShift)
oauth:
enabled: true
provider: openshift
image: quay.io/openshift/oauth-proxy:latest
# Global settings
imagePullPolicy: IfNotPresent
# Advanced options
options:
# taskPodQuota: 50
disableMavenSearch: false
rwxSupported: false
Benefits
1. Better UX: OpenShift console can generate a multi-section form with clear categories
2. Validation: OpenAPI schema enables field validation, defaults, and documentation
3. Discoverability: Users can see all available options with descriptions
4. Type Safety: Proper typing (boolean, integer, string) prevents configuration errors
5. Maintainability: Logical grouping makes the CR easier to understand and maintain
6. Documentation: Schema descriptions appear as tooltips in the console
Implementation Plan
1. Update the CRD OpenAPI schema to define the full structure
2. Update the Ansible operator to support both old (flat) and new (structured) formats for backward compatibility
3. Add schema descriptions for each field to improve documentation
4. Add validation rules (min/max values, enums, required fields)
5. Update documentation and examples
Migration Strategy
To maintain backward compatibility:
- Support both old flat variables and new structured format
- Use a transition period where both are supported
- Provide migration guide and tools
- Default to structured format in new installations
Open Questions
1. Should we maintain backward compatibility indefinitely or deprecate flat variables?
2. What's the preferred migration timeline?
3. Should some rarely-used advanced options remain flat or be nested under an advanced section?
This structure groups related configuration together, making it much easier to work with in the OpenShift console while maintaining clarity about what
each component does.
Restructure Tackle CRD for Better OpenShift Console Form Support
Problem
The current Tackle CRD uses
x-kubernetes-preserve-unknown-fields: truewith flat, snake_cased variables (e.g.,feature_auth_required,hub_container_limits_cpu,kai_llm_provider). This makes it difficult for the OpenShift console to generate a user-friendly form for configuringTackle instances.
Proposed Solution
Define a fully structured OpenAPI schema in the CRD with logical groupings that will enable the OpenShift console to display an organized, intuitive
form.
Proposed Structure
Below is an example Tackle CR using the proposed structured format: