---
title: "Reliable k8s resource Submission & Bookkeeping"
weight: 5
tags:
 - kubecon
 - platform
---

<!-- {{% button href="https://youtu.be/rkteV6Mzjfs" style="warning" icon="video" %}}Watch talk on YouTube{{% /button %}} -->
<!-- {{% button href="https://docs.google.com/presentation/d/1nEK0CVC_yQgIDqwsdh-PRihB6dc9RyT-" style="tip" icon="person-chalkboard" %}}Slides{{% /button %}} -->

## Service offerings

- Product: HA Container Platform for general utility with a focus on run-to-complete
- Use-Cases: ML Orchestration, CI/CD, Machine maintainace, Financial analysis, Data Processing pipeline
- Requirements: Observability, Scheduling Events, Approval process, Bookkeeping, Datacenter Reseliency
- Focus: Resiliency (HA with datacenter failover)
- What the user needs: Workflow (e.g. generate report, persist report, notify)
- What we need for the user: ConfigMaps + Secrets, Workflow templates for the steps

## Challenges

- Read after modify across multiople datacenters
- Many reads against kubeapi that could overload the apiserver
- No native approval flows and limited audit

## Submission flows from a users perspective

### Submission of runnables

- User: Submits runnable to subnitter with audit
- Submitter: Handels retry, verification, ...
- Submitter: Configures workload on workload clusters

TODO: Steal image from slides

### Submission of deployables

- User: deploys mutation to audit/sourceoftrough
- Syncer: Syncs deployables to workload clusters

TODO: Steal image from slides

## Reporting

- User wants: UI with latest status for all jobs
- Compliance wants: Transactions on given resource for auditing
- Implementation: Highly available inventory as single source of truth

```mermaid
graph
    WorkflowAPI-->|reads|inventory
    Consumer-->|updates|inventory
    Producer-->|publishes events to|Consumer
```

### Potential Problems

- Problem: Delete event does not get propagated from syncer to producer leading to zombie ressources
- Fix: Periodic Cleanup

### Overview

TODO: Steal from slide