<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Advanced Topics on gNMIc Operator</title><link>https://0e566201.gnmic-operator2.pages.dev/docs/advanced/</link><description>Recent content in Advanced Topics on gNMIc Operator</description><generator>Hugo</generator><language>en-us</language><atom:link href="https://0e566201.gnmic-operator2.pages.dev/docs/advanced/index.xml" rel="self" type="application/rss+xml"/><item><title>Target Distribution</title><link>https://0e566201.gnmic-operator2.pages.dev/docs/advanced/target-distribution/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://0e566201.gnmic-operator2.pages.dev/docs/advanced/target-distribution/</guid><description>&lt;p>The gNMIc Operator uses a simple algorithm to distribute targets across pods.
More placement/distribution strategies will be implemented in the future.&lt;/p>
&lt;p>This page explains the algorithm and its properties.&lt;/p>
&lt;h2 id="algorithm-bounded-load-rendezvous-hashing">Algorithm: Bounded Load Rendezvous Hashing&lt;/h2>
&lt;p>The operator uses &lt;strong>bounded load rendezvous hashing&lt;/strong>, which combines two techniques:&lt;/p>
&lt;ol>
&lt;li>&lt;strong>Rendezvous hashing&lt;/strong>: For stability (targets stay on same pod)&lt;/li>
&lt;li>&lt;strong>Bounded load&lt;/strong>: For even distribution (no pod is overloaded)&lt;/li>
&lt;/ol>
&lt;h2 id="how-it-works">How It Works&lt;/h2>
&lt;h3 id="step-1-determine-capacity">Step 1: Determine Capacity&lt;/h3>
&lt;p>If the Cluster CR specifies &lt;code>spec.targetDistribution.perPodCapacity&lt;/code>, that value
is used as a fixed ceiling. Otherwise capacity is calculated automatically:&lt;/p></description></item><item><title>Scaling</title><link>https://0e566201.gnmic-operator2.pages.dev/docs/advanced/scaling/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://0e566201.gnmic-operator2.pages.dev/docs/advanced/scaling/</guid><description>&lt;p>The gNMIc Operator supports horizontal scaling of collector clusters. This page explains how scaling works and best practices for production deployments.&lt;/p>
&lt;h2 id="scaling-a-cluster">Scaling a Cluster&lt;/h2>
&lt;p>To scale a cluster, update the &lt;code>replicas&lt;/code> field:&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>&lt;span style="color:#75715e"># Scale to 5 replicas&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>kubectl patch cluster my-cluster --type merge -p &lt;span style="color:#e6db74">&amp;#39;{&amp;#34;spec&amp;#34;:{&amp;#34;replicas&amp;#34;:5}}&amp;#39;&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>Or edit the Cluster resource:&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-yaml" data-lang="yaml">&lt;span style="display:flex;">&lt;span>&lt;span style="color:#f92672">spec&lt;/span>:
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#f92672">replicas&lt;/span>: &lt;span style="color:#ae81ff">5&lt;/span> &lt;span style="color:#75715e"># Changed from 3&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h2 id="what-happens-when-you-scale">What Happens When You Scale&lt;/h2>
&lt;h3 id="scale-up--3--5-pods">Scale Up ( 3 → 5 pods)&lt;/h3>
&lt;ol>
&lt;li>Kubernetes creates new pods (&lt;code>gnmic-3&lt;/code>, &lt;code>gnmic-4&lt;/code>).&lt;/li>
&lt;li>Operator waits for pods to be ready.&lt;/li>
&lt;li>Operator recomputes the distribution plan. Existing target assignments are
preserved — only unassigned targets or targets displaced by capacity limits
are placed on the new pods.&lt;/li>
&lt;li>Configuration is applied to all pods.&lt;/li>
&lt;/ol>
&lt;h3 id="scale-down--5--3-pods">Scale Down ( 5 → 3 pods)&lt;/h3>
&lt;ol>
&lt;li>Operator recomputes the distribution plan for the reduced replica count.
Targets from removed pods flow through rendezvous hashing onto surviving
pods, bounded by each pod&amp;rsquo;s capacity.&lt;/li>
&lt;li>Configuration is applied to remaining pods.&lt;/li>
&lt;li>Kubernetes terminates pods (&lt;code>gnmic-4&lt;/code>, &lt;code>gnmic-3&lt;/code>).&lt;/li>
&lt;/ol>
&lt;h2 id="target-redistribution">Target Redistribution&lt;/h2>
&lt;p>The operator uses &lt;strong>bounded load rendezvous hashing&lt;/strong> to distribute targets.
See &lt;a href="../target-distribution/">Target Distribution&lt;/a> for a detailed explanation
of the algorithm.&lt;/p></description></item><item><title>Discovery Buffering</title><link>https://0e566201.gnmic-operator2.pages.dev/docs/advanced/discovery-buffering/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://0e566201.gnmic-operator2.pages.dev/docs/advanced/discovery-buffering/</guid><description>&lt;h2 id="overview">Overview&lt;/h2>
&lt;p>The target discovery subsystem uses Go channels to communicate between message senders (API server and target loader) and the receiver (message processor). Two parameters control how discovery messages are batched and buffered in the channel, directly affecting throughput, latency, and resource consumption.&lt;/p>
&lt;h2 id="parameters">Parameters&lt;/h2>
&lt;h3 id="discovery-chunk-size">Discovery Chunk Size&lt;/h3>
&lt;p>&lt;strong>Flag&lt;/strong>: &lt;code>--discovery-chunk-size&lt;/code>&lt;br>
&lt;strong>Helm Value&lt;/strong>: &lt;code>discovery.chunkSize&lt;/code>&lt;br>
&lt;strong>Type&lt;/strong>: Integer&lt;br>
&lt;strong>Default&lt;/strong>: &lt;code>100&lt;/code>&lt;/p>
&lt;p>&lt;strong>What it does&lt;/strong>: The maximum number of targets/events bundled into a single discovery message before sending to the channel buffer.&lt;/p></description></item><item><title>TLS Configuration</title><link>https://0e566201.gnmic-operator2.pages.dev/docs/advanced/tls/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://0e566201.gnmic-operator2.pages.dev/docs/advanced/tls/</guid><description>&lt;p>The gNMIc Operator supports multiple TLS configurations for different communication paths:&lt;/p>
&lt;table>
 &lt;thead>
 &lt;tr>
 &lt;th>TLS Type&lt;/th>
 &lt;th>Config Location&lt;/th>
 &lt;th>Purpose&lt;/th>
 &lt;/tr>
 &lt;/thead>
 &lt;tbody>
 &lt;tr>
 &lt;td>&lt;strong>API TLS&lt;/strong>&lt;/td>
 &lt;td>&lt;code>cluster.spec.api.tls&lt;/code>&lt;/td>
 &lt;td>Operator ↔ gNMIc pod REST API&lt;/td>
 &lt;/tr>
 &lt;tr>
 &lt;td>&lt;strong>Client TLS&lt;/strong>&lt;/td>
 &lt;td>&lt;code>cluster.spec.clientTLS&lt;/code>&lt;/td>
 &lt;td>gNMIc pod → Network target gNMI&lt;/td>
 &lt;/tr>
 &lt;tr>
 &lt;td>&lt;strong>Tunnel TLS&lt;/strong>&lt;/td>
 &lt;td>&lt;code>cluster.spec.grpcTunnel.tls&lt;/code>&lt;/td>
 &lt;td>Network device → gNMIc pod tunnel&lt;/td>
 &lt;/tr>
 &lt;/tbody>
&lt;/table>
&lt;h2 id="api-tls-operator--pods">API TLS (Operator ↔ Pods)&lt;/h2>
&lt;p>This TLS configuration secures the REST API communication between the operator controller and gNMIc collector pods.&lt;/p>
&lt;h2 id="overview">Overview&lt;/h2>
&lt;p>When TLS is enabled:&lt;/p>
&lt;ol>
&lt;li>&lt;strong>Server TLS&lt;/strong>: Each gNMIc pod presents a certificate to the operator&lt;/li>
&lt;li>&lt;strong>Client TLS (mTLS)&lt;/strong>: The operator presents a certificate to gNMIc pods&lt;/li>
&lt;li>&lt;strong>Certificate Verification&lt;/strong>: Both sides verify the other&amp;rsquo;s certificate&lt;/li>
&lt;/ol>
&lt;h2 id="prerequisites">Prerequisites&lt;/h2>
&lt;ol>
&lt;li>&lt;strong>cert-manager&lt;/strong> must be installed in your cluster:&lt;/li>
&lt;/ol>
&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.19.2/cert-manager.yaml
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;ol start="2">
&lt;li>&lt;strong>A CA Issuer&lt;/strong> must be configured in the gNMIc cluster&amp;rsquo;s namespace&lt;/li>
&lt;/ol>
&lt;h2 id="quick-start">Quick Start&lt;/h2>
&lt;p>Assuming the gNMIc cluster will be created in the &lt;code>default&lt;/code> namespace. Start by preparing an Issuer to secure the Cluster&amp;rsquo;s REST API.&lt;/p></description></item></channel></rss>