# Pulp Operator Patterns Note: These are patterns (designs) that Ansible Tower / AWX operator uses, and that we should probably use for pulp-operator. We do want to be consistent, as 1 overall product (Ansible Automation Platform). * Only thing required to be specified at deployment time for Ansible Tower: name * Optional * Labels, image tag, hostname,etc. * Admin password secret * Database configuration secret * Secret key secret * ImagePullPolicy * Web Container Resource Requirements * Replicas * Ingress Type - none, Ingress, route * Route TLS termination mechanism - edge, passthrough * Route DNS host - the matching hostname, public hostname. The cert gets created for this. * Preload instance with data upon creation * Not exposing all the options of the operator here. Only the most common / least advanced ones. Aim for what 90% of people want. * This generates a CR file. * Do not offer Ingress at the operator level. * Mount the secret (and encrypt it) on the container (awx-operator/roles/installer/templates/credentials.py.j2) * This way nobody can see the secrets on the wire * They put a few related config values in the secrets * You can chose whether to keep secrets or not after deleting the operator. * Lots of application config stored in configmap. * This gets mounted.