Conversation

@patjlm
Contributor

@patjlm patjlm commented Feb 9, 2026

Summary

  • Adds design decision document formalizing the rule that no cluster may establish direct TCP/UDP connections to another cluster's kube API by default
  • Covers component constraints (Terraform, ArgoCD, CLS/CLM controllers) and SRE operational access patterns (no direct kubectl, break-glass only via escalation)
  • Extends existing decisions (rc-mc-transport-layer.md, regional-independence-architecture.md) into a system-wide principle

Test plan

  • Review doc structure against design-decisions/TEMPLATE.md checklist
  • Verify consistency with rc-mc-transport-layer.md and regional-independence-architecture.md
  • Confirm naming convention matches existing decision docs

🤖 Generated with Claude Code

Formalizes the rule that no cluster may establish direct TCP/UDP
connections to another cluster's kube API by default. Covers
component constraints (Terraform, ArgoCD, CLS/CLM) and SRE
operational access patterns (no direct kubectl, break-glass only).

Relates-to: GCP-388

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@openshift-ci-robot

openshift-ci-robot commented Feb 9, 2026

@patjlm: This pull request references GCP-388 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the epic to target the "4.22.0" version, but no target version was set.


Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@coderabbitai

coderabbitai bot commented Feb 9, 2026

Walkthrough

A new design decision document was added establishing a no-direct-cross-cluster-connectivity policy for GCP-HCP infrastructure. The policy forbids direct TCP/UDP cross-cluster connections by default across Global, Regional, and Management clusters, with exceptions only via controlled escalation, mandating indirect coordination mechanisms instead.

Changes

Cohort / File(s) Summary
Design Decision Documentation
design-decisions/no-direct-cross-cluster-connectivity.md
New design decision document establishing architectural policy for cluster connectivity. Defines scope covering Global, Regional, and Management clusters; documents alternatives evaluated (default no direct, controlled direct, VPN mesh); provides rationale grounded in defense-in-depth and zero-trust principles; outlines consequences, cross-cutting concerns, and implementation impact for Terraform, ArgoCD, cross-cluster controllers, and SRE operations. Explicitly excludes worker-node PSC data-plane connectivity from scope.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly and specifically describes the main change: addition of a design decision document establishing a no-direct-cross-cluster-connectivity policy.
Description check ✅ Passed The description is directly related to the changeset, explaining what the design decision document covers, its scope, and the test plan for review.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.


No actionable comments were generated in the recent review. 🎉

Warning

Review ran into problems

🔥 Problems

Git: Failed to clone repository. Please run the @coderabbitai full review command to re-trigger a full review. If the issue persists, set path_filters to include or exclude specific files.


Comment @coderabbitai help to get the list of available commands and usage tips.

@jimdaga
Contributor

jimdaga commented Feb 9, 2026

/lgtm
