We have now to create ores-legacy-staging.svc.codfw.wmnet for the ml-staging-codfw cluster, but instead of creating a specialized VIP + config we could follow what Service Ops did to keep things in sync between the teams, namely a single endpoint.
The overall idea is to:
- create ml-staging.svc.codfw.wmnet as CNAME for one of the ml-staging200[12] nodes.
- create a cergen certificate like the one for wikikube staging to deploy on tls-proxy containers (mesh).
- modify the ingress module in deployment-charts to generate the correct values for this new endpoint.
On the knative / istio side:
- Allow the definition of multiple Istio ingresses in our helmfile Istio config.
- Allow to use a different ingress for knative-serving.